Hi @ll,
since some time Mozilla Firefox and Thunderbird for Windows come with
a maintenance service (running privileged under the SYSTEM account):
https://support.mozilla.org/en-US/kb/what-mozilla-maintenance-service
The maintenanceservice_installer.exe (which is extracted into the
resp.
Hi @ll,
since Microsoft won't -- despite (hopefully not only) my constant
nagging and quite some bug reports about unquoted command lines
for more than a dozen years now -- fix the BRAINDEAD behaviour
of Windows' CreateProcess*() functions to play tryerror instead
of returning on error to their
Hi @ll,
the exploit shown here should be well-known to every
Windows administrator, developer or QA engineer.
In Microsoft's own terms it doesn't qualify as security
vulnerability since UAC is a security feature, not a
security boundary.
Preconditions:
* a user running as protected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3191-1 secur...@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
March 15, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-3188-1 secur...@debian.org
http://www.debian.org/security/Moritz Muehlenhoff
March 15, 2015
Hello All,
Details of our SE-2014-02 project have been released to the public.
A technical writeup and accompanying Proof of Concept codes can be
found at the following location:
http://www.security-explorations.com/en/SE-2014-02-details.html
In case of Google App Engine for Java, its first
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3187-1 secur...@debian.org
http://www.debian.org/security/ Michael Gilbert
March 15, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-3190-1 secur...@debian.org
http://www.debian.org/security/Moritz Muehlenhoff
March 15, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-3189-1 secur...@debian.org
http://www.debian.org/security/Moritz Muehlenhoff
March 15, 2015