Using a buffer overflow, I have been able to override return addresses. But the problem is that Windows addresses contain zeros at the beginning (e.g. 0x00401020). As a result, the objdump of any C binary will contain zero’s. This makes it…
Dynamically loading libraries in an application can lead to vulnerabilities if not secured properly. In this blog post we talk about loading a library using LoadLibraryEx() API and make use of options to make it safe.
Know the defaults:
The library fil…
Today we released eight security bulletins addressing 13 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other six have a maximum severity rating of Important. The table is designed to help you prioritize the deployment…
Today, we released an update to address a vulnerability in Group Policy Preferences (MS14-025). Group Policy Preferences was an addition made to Group Policy to extend its capabilities. Among other things, Group Policy Preferences allows an administrat…
I am making a presentation to the class about “SSL 2.0 deprecated protocol” and I really have no idea how this exploit is used or how the attacker can use this vul. I understand the impact of this vul, but I need a complete explanation on …
