Gabriel Landau
@gabriellandau.bsky.social
WinDbg’er @ Elastic Security.
Thoughts are my own.
Some of my writing: http://tiny.cc/jqeavz
More writing: http://tiny.cc/9cj0vz
Also: https://twitter.com/GabrielLandau
Thoughts are my own.
Some of my writing: http://tiny.cc/jqeavz
More writing: http://tiny.cc/9cj0vz
Also: https://twitter.com/GabrielLandau
Reposted by Gabriel Landau
New blog post on the abuse of the IDispatch COM interface to get unexpected objects loaded into a process. Demoed by using this to get arbitrary code execution in a PPL process. googleprojectzero.blogspot.com/2025/01/wind...
Windows Bug Class: Accessing Trapped COM Objects with IDispatch
Posted by James Forshaw, Google Project Zero Object orientated remoting technologies such as DCOM and .NET Remoting make it very easy ...
googleprojectzero.blogspot.com
January 30, 2025 at 6:37 PM
New blog post on the abuse of the IDispatch COM interface to get unexpected objects loaded into a process. Demoed by using this to get arbitrary code execution in a PPL process. googleprojectzero.blogspot.com/2025/01/wind...
Woot j00ru just dropped another FFI CVE: project-zero.issues.chromium.org/issues/42451...
January 2, 2025 at 8:59 PM
Woot j00ru just dropped another FFI CVE: project-zero.issues.chromium.org/issues/42451...
I had the privilege of hanging out with j00ru at REcon Montreal after my talk about False File Immutability. I just found out that his latest work, CVE-2024-43452, was directly inspired by my talk and our chat. Feels good, man. project-zero.issues.chromium.org/issues/42451...
Project Zero
project-zero.issues.chromium.org
December 5, 2024 at 7:23 PM
I had the privilege of hanging out with j00ru at REcon Montreal after my talk about False File Immutability. I just found out that his latest work, CVE-2024-43452, was directly inspired by my talk and our chat. Feels good, man. project-zero.issues.chromium.org/issues/42451...