Exploit reliability is high unless exploiting from the Chrome sandbox. In these scenarios it is still possible to exploit the target on older versions of Windows (Windows 7 and prior); however, we did find that there was some interesting behavior going on with the Chrome sandbox escape shellcode: while it would disassociate the current process from the Chrome sandbox job (and hence the job’s limitations), it would occasionally trigger APC_INDEX_MISMATCH errors under certain conditions, particularly if the target user was an administrator. The bug itself is relatively easy to trigger if you understand how Window messages work, but is a bit tricky to understand if you're not familiar with this. Wrote up a technical analysis of this bug for Exodus Intelligence at <.

This CVE ID is unique from CVE-2019-0797. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’.