<img height="1" width="1" alt="" style="display:none" src="https://www.facebook.com/tr?id=619966238105738&amp;ev=PixelInitialized">

ENSILO BLOG

You are Reading:  

Command Injection/Elevation – Environment Variables Revisited

Windows environment variables can be used to run commands and can also be used to bypass UAC, allowing an attacker with limited privileges to take complete control of the system.

Read More

Elastic Boundaries – Elevating privileges by environment variables expansion

Even though any process is provided variables from its environment – they are often overlooked by users, developers and sometimes even the OS itself.

Read More

Captain Hook: Pirating AVs to Bypass Exploit Mitigations

tl;dr: We found 6(!) different common security issues that stem from incorrect implementation of code hooking and injections techniques. These issues were found in more than 15 different products....

Read More

Sedating the Watchdog: Abusing Security Products to Bypass Mitigations

tldr; design issues in various security products, such as anti-virus, make it significantly easier for threat actors to bypass exploit mitigations. In particular, we found a prevalent flaw where...

Read More

Class Dismissed: 4 Use-After-Free Vulnerabilities in Windows

Introduction

Today, Microsoft released their latest Patch Tuesday. This Patch includes a fix for CVE-2015-2363, a complementary patch to CVE-2015-2360 from last month. The two CVEs together...

Read More

Vulnerability Patching: Learning from AVG on Doing it Right.

Updated March 25: added a proof-of-concept video

Read More

CATEGORIES

FEATURED ARTICLES

tag cloud