🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

This patch Tuesday fixed 5 vulnerabilities discovered by KunlunLab. 2 of them were for TianfuCup pdf reader sandbox escape & Win10 LPE, 1 CLFS bug was caught as in the wild exploit.

CISA adds 15 vulns to the exploited list but at least 1 is wrong : CVE-2017-0101 is a null ptr deref in ntkrnl/tm, not exploitable for x64. The linked exp mislead them. It exploited a win32k bug (maybe 0102 or silence fixed one). Vulnerability Intel is hard.

A lot of (36 in total) CVEs(5 critical) from Kunlun Lab fixed this month, mostly in DNS Server, SMB, LDAP, RPC runtime, Hyper-v...

Kunlun lab reported 30 of the total 74 fixed vulnerabilities this month, with 3 different CVSS 9.8 rated ones related to LDAP & NFS.

Congratulations to Yuki Chen 3rd year as #1 of MSV

Repro of recently patched in the wild Chrome 0day CVE-2023-2033 by Kunlun Lab: mp.weixin.qq.com/s/2yy3ViqcBEbH… (CN) , more details available via CyberKunlun Intelligence Service

🎉Congratulations Yuki Chen Zhiyi Saga zhiniang peng!

[POC2023] - SPEAKER UPDATE1⃣4️⃣ 💁‍♂️ Yuki Chen, k0shl, Azure Yang - Bug Hunting and Exploiting in Microsoft's Message Queuing (MSMQ) Components #POC2023

[POC2023] Keynote on vulnerability insights mj0011 giving his talk on “Navigating the light and darkness in the world of vulnerabilities” #POC2023

[POC2023] D2 - Track B No MSMQ related talk was discussed before but now it is! Yuki Chen k0shl, Azure are talking about “Bug Hunting and Exploiting in Microsoft's Message Queuing(MSMQ) Components" #POC2023

Fascinating MSMQ talk by Yuki Chen, k0shl, & Azure on their msrc CVEs. Their exploitation is very clever bypassing all mitigations on latest Windows. Brilliant work! #POC2023

This vulnerability is as critical as BlueKeep or EternalBlue. while Microsoft still ranked it as 'Exploitation less likely.' Urgent need for independent, closed-source vulnerability intelligence.

Super hyped to hear k0shl got the RCE pwnie as well 🌶️🔥. I've been doing work manifesting for my own top picks haha 😆

Congrats k0shl

MSRC fixed a RCE bug in TCPIP module. I found the bug several months ago. Its score is 9.8 and exploitation is more likely. Please apply the patch immediately.

0Click Windows Tcpip RCE found by Kunlun Lab. We offer intel services for proactive defense to critical vulnerabilities. Contact to learn more.

Portions of PoC seems to have been public today

Developed a simple tool for Black Myth: Wukong that enables 32:9 aspect ratio. available on GitHub if anyone's interested. github.com/3dnow/BlackMyt…

Wow

A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering github.com/3dnow/NtCreate…