|
Up
|
|
|
|
|
2013-05-19 - Part 1 - The Microsoft Way.txt
|
|
|
|
|
2013-06-18 - Part 3 - Untitled.txt
|
|
|
|
|
2013-07-22 - Part 4 - Untitled.txt
|
|
|
|
|
2013-07-27 - Part 5 - Stick and persistent vulnerabilities.txt
|
|
|
|
|
2013-08-07 - Part 6 - Beginners errors, QA sound asleep or out of sight.txt
|
|
|
|
|
2013-08-17 - Part 7 - Executable files in data directories.txt
|
|
|
|
|
2013-08-24 - Part 8 - Executables everywhere.txt
|
|
|
|
|
2013-08-31 - Part 9 - Erroneous Documentation.txt
|
|
|
|
|
2013-09-21 - Part 10 - Untitled.txt
|
|
|
|
|
2013-10-01 - Part 11 - Privilege escalation for dummies.txt
|
|
|
|
|
2013-10-19 - Part 12 - NOOP security fixes.txt
|
|
|
|
|
2013-11-03 - Part 13 - surprising and inconsistent behaviour, sloppy coding, sloppy QA, sloppy documentation .txt
|
|
|
|
|
2013-11-24 - Part 14 - Incompete, misleading, and dangerous documentation.txt
|
|
|
|
|
2014-05-28 - Part 15 - Unquoted arguments in 120 of 462 command lines.txt
|
|
|
|
|
2014-05-31 - Part 16 - our developers and their QA dont follow our own security recommendations.txt
|
|
|
|
|
2014-06-25 - Part 17 - even a one-line script is vulnerable.txt
|
|
|
|
|
2014-09-02 - Part 18 - Microsoft Office 2010 registers command lines with unquoted pathnames.txt
|
|
|
|
|
2014-09-06 - Part 19 - Still no perfect forward secrecy per default in Windows.txt
|
|
|
|
|
2014-11-23 - Part 20 - Microsoft Update may fail to offer current security updates.txt
|
|
|
|
|
2014-11-23 - Part 21 - errors in consistencies in Windows registry data may lead to buffer overflows or use of random data.txt
|
|
|
|
|
2014-11-27 - Part 22 - no DEP in Windows' filesystem (and ASLR barely used .txt
|
|
|
|
|
2014-12-13 - Part 23 - two quotes or not to quote....txt
|
|
|
|
|
2014-12-21 - Part 24 - applications built with SDKs may be vulnerable.txt
|
|
|
|
|
2014-12-24 - Part 25 - no secure connections to MSDN, TechNet.txt
|
|
|
|
|
2014-12-31 - Part 26 - Set Program Access and Computer Defaults .txt
|
|
|
|
|
2015-01-31 - Part 27 - the command line you get differs from the command line I use to call you .txt
|
|
|
|
|
2015-02-19 - Part 28 - yes, we can (create even empty, but properly quoted pathnames) .txt
|
|
|
|
|
2015-02-21 - Part 29 - contradicting, ambiguous, incomplete documentation.txt
|
|
|
|
|
2015-03-15 - Part 30 - on exploitable Win32 functions .txt
|
|
|
|
|
2015-03-15 - Part 31 - UAC is for binary planting .txt
|
|
|
|
|
2015-09-04 - Part 32 - yet another (trivial) UAC bypass resp. privilege escalation.txt
|
|
|
|
|
2015-09-09 - Part 34 - our developers and our QA still ignore our own security recommendations .txt
|
|
|
|
|
2015-09-11 - Part 33 - arbitrary code execution (and UAC bypass) via RegEdit.exe Part 33 - .txt
|
|
|
|
|
2015-09-15 - Part 35 - Windows Explorer ignores Run as administrator .txt
|
|
|
|
|
2015-11-15 - Part 36 - CWE-428 or fun with unquoted paths .txt
|
|
|
|
|
2015-12-05 - Part 37 - MMC.exe and DrvInst.exe load and execute .dll with elevated resp. SYSTEM privileges .txt
|
|
|
|
|
2016-01-15 - Part 38 - does Microsoft follow their own security guidance advisories .txt
|
|
|
|
|
2016-03-15 - Part 39 - vulnerabilities, please meet the bar for security servicing .txt
|
|
|
|
|
2016-05-28 - Part 40 - seven plus year old blended threat still alive and kicking .txt
|
|
|
|
|
2016-06-23 - Part 41 - vulnerable by (poor implementation of bad) design.txt
|
|
|
|
|
2016-08-11 - Part 42 - Sysinternals utilities load and execute rogue DLLs from TEMP.txt
|
|
|
|
|
2016-09-06 - Part 43 - restricting the DLL load order fails.txt
|
|
|
|
|
2016-10-12 - Part 44 - complete failure of Windows Update.txt
|
|
|
|
|
2016-10-20 - Part 45 - filesystem redirection fails to redirect the application directory.txt
|
|
|
|
|
2017-03-21 - Part 46 - no checks for common path handling errors in Application Verifier.txt
|
|
|
|
|
2017-03-21 - Part 47 - AppLocker bypasses are not serviced via monthly security roll-ups.txt
|
|
|
|
|
2017-07-05 - Part 48 - privilege escalation for dummies -- they didn't make SUCH a stupid blunder .txt
|
|
|
|
|
2018-01-30 - Part 49 - fun with application manifests.txt
|
|
|
|
|
2018-02-05 - Part 50 - Windows Update shoves unsafe crap as important updates to unsuspecting users .txt
|
|
|
|
|
2018-02-09 - Part 51 - Skype's home-grown updater allows escalation of privilege to SYSTEM.txt
|
|
|
|
|
2018-02-14 - Part 52 - HTTP used to distribute (security) updates, not HTTPS .txt
|
|
|
|
|
2018-04-09 - Part 53 - our MSRC doesn't know how Windows handles PATH .txt
|
|
|
|
|
2018-04-09 - Part 54 - escalation of privilege during installation of Microsoft Office 20xy.txt
|
|
|
|
|
2018-07-17 - Part 55 - new software built with 5.5 year old tool shows 20+ year old vulnerabilities .txt
|
|
|
|
|
2018-07-17 - Part 55 - new software built with 5.5 year old tool shows over 20 year old vulnerabilities.txt
|
|
|
|
|
2018-07-18 - Part 56 - 10 plus year old security update installers are susceptiblle to 20 plus year old vulnerability.txt
|
|
|
|
|
2018-08-14 - Part 57 - all the latest MSVCRT installers allow escalation of privilege.txt
|
|
|
|
|
2018-09-02 - Part 58 - installation of security updates fails on Windows Embedded POSReady 2009.txt
|
|
|
|
|
2019-01-18 - Part 59 - we only fix every other vulnerability.txt
|
|
|
|
|
2019-01-29 - Part 61 - security features are built to fail (or documented wrong).txt
|
|
|
|
|
2019-02-26 - Part 60 - same old sins and incompetence! .txt
|
|
|
|
|
2020-02-24 - Part 62 - Windows shipped with end-of-life components.txt
|
|
|
|
|
2020-03-10 - Part 63 - program defaults, settings, policies ... and (un)trustworthy computing .txt
|
|
|
|
|
2020-03-27 - Part 64 - Windows Defender loads and exeutes arbitrary DLLs.txt
|
|
|
|
|
2020-03-27 - Part 65 - unsafe, easy to rediect paths all over .txt
|
|
|
|
|
2020-03-28 - Part 66 - attachment manager allows to load arbitrary DLLs .txt
|
|
|
|
|
2020-04-13 - Part 67 - we maintain 20 year old bugs since we don't care about our customers safety and security.txt
|
|
|
|
|
2020-06-03 - Part 68 - qUACkery is futile!.txt
|
|
|
|
|
2020-06-03 - Part 69 - security remarks are as futile as the qUACkery!.txt
|
|
|
|
|
2020-07-23 - Part 70 - CVE-2014-0315 alias MS14-019 revisited .txt
|
|
|
|
|
2020-12-15 - Part 71 - where compatibility means vulnerability .txt
|
|
|
|
|
2021-03-03 - Part 72 - compatibility trumps security .txt
|
|
|
|
|
2021-03-08 - Part 73 - ignorance (of security advisories) is bliss!.txt
|
|
|
|
|
2021-04-02 - Part 74 - Windows Defender SmartScreen is rather DUMP, it allows denial of service.txt
|
|
|
|
|
2021-04-29 - Part 75 - Bypass of SAFER alias Software Restriction Policies NOT FIXED .txt
|
|
|
|
|
2021-04-29 - Part 76 - arbitrary code execution WITH elevation of privilege in user-writable directories below SystemRoot.txt
|
|
|
|
|
2021-05-14 - Part 77 - access without access permission.txt
|
|
|
|
|
2021-10-13 - Part 78 - completely outdated, vulnerable open source component(s) shipped with Windows 10&11 .txt
|
|
|
|
|
2021-10-14 - Part 79 - Local Privilege Escalation via Windows 11 Installation Assistant.txt
|
|
|
|
|
2022-05-10 - Part 80 - 25 (in words TWENTY-FIVE) year old TRIVIAL bug crashes CMD.exe.txt
|
|
|
|
|
2023-02-10 - Part 81 - enabling UTF-8 support breaks existing code.txt
|
|
|
|
|
2023-02-22 - Part 82 - INVALID BOGUS AppLocker rules disable SAFER on Windows 11 22H2.txt
|
|
|
|
|
2023-03-15 - Part 83 - instead to fix even their most stupid mistaskes, they spill barrels of snakeoil to cover them (or just leave them as-is) .txt
|
|
|
|
|
2023-03-22 - Part 84 - (no) fun with COMSPEC .txt
|
|
|
|