Cisco Blogs
Share

Dangerous Clipboard: Analysis of the MS15-072 Patch


October 20, 2015 - 1 Comment

This post was authored by Marcin Noga with contributions from Jaeson Schultz.

Have you ever thought about how security researchers take a patch that has been released, and then reverse it to find the underlying security issue? Well, back In July Microsoft released security bulletin MS15-072, titled: “Vulnerability in Windows Graphics Component Could Allow Elevation of Privilege (3069392)”. According to Microsoft, this vulnerability “could allow elevation of privilege if the Windows graphics component fails to properly process bitmap conversions.” Talos decided to have a deeper look at this vulnerability in order to better understand it, and this post describes the details of this process so that our readers may gain a better understanding of how this is done.

To read the full post, please visit the talosintel.com blog by clicking here.

 



Tags:

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

1 Comments

  1. all comments massage