in

Memory Corruption Zero-Day Bug Found In Windows Notepad App

Memory Corruption Zero-Day Bug Found In Windows Notepad App 1

Security specialist Tavis O., part of the Google Project Zero team, revealed several serious mistakes and threats. This time, he found a zero-day vulnerability in the Notebook app that affects Windows users.

You can use a zero-day error to open a Windows CMD window from Notepad. Ormandi reports that this is clearly an exploit, so the hacker cannot press the dialog boxes correctly, which means that it is not a security error.

“The mistake is very dangerous,” he revealed in his Twitter feed, as some people thought they were just playing and right-clicking.

Am I the first person to post in a notebook? “…. You may not believe, This is a real mistake! “pic.twitter.com/t2wTh7E93p

— Tavis Ormandy (@taviso) May 28, 2019

This is real corruption in memory, I reported it to MSRC. A lot of people responded thinking I was just kidding…. I replied ‘it ‘s a real problem’ – It took me a weekend to find good CFG gadgets just by showing up

— Tavis Ormandy (@taviso) May 28, 2019

Ormandi, informally calls him “Notebad.”

Microsoft has already been notified of a zero-day error. There were no details in the tweet, including exactly which versions of Windows were attacked. That ‘s because the Google Project team gave a 90-day non-disclosure period to Microsoft so the company could work on a security patch.

Ormandi stated that he managed to create a remote exploit of code execution using an error. He will publish the successes and details of the Zero Day Notebook bug to his blog once Microsoft releases the patch in the same or deadline is over. The bug will also be fully documented on the public bug tracking tool.

0 0 vote
Article Rating

What do you think?

Written by admin

Theta360 leak – 11 million photos, user data exposed 2

Theta360 leak – 11 million photos, user data exposed

Georgia State Patrol agency infected with ransomware 3

Georgia State Patrol agency infected with ransomware