Anthony J. Fontanez
@ajf8729.com
Lead Customer Engineer (Intune/ConfigMgr)
Endpoint Management Enthusiast
Admin: WinAdmins Community (@winadmins.io)
About Me: https://ajf.one/me
Blog: https://ajf.one/blog
All views are my own.
Endpoint Management Enthusiast
Admin: WinAdmins Community (@winadmins.io)
About Me: https://ajf.one/me
Blog: https://ajf.one/blog
All views are my own.
It might just load it into memory, which is what I would imagine happens when passing a UNC path.
August 15, 2025 at 12:13 PM
It might just load it into memory, which is what I would imagine happens when passing a UNC path.
Not quite sure, don't see it in C:\Windows\Temp, and can't tell from a quick procmon glance.
August 15, 2025 at 12:09 PM
Not quite sure, don't see it in C:\Windows\Temp, and can't tell from a quick procmon glance.
If you were to trust their root CA as instructed, anything it issues would be inherently trusted by your device.
July 10, 2025 at 12:43 PM
If you were to trust their root CA as instructed, anything it issues would be inherently trusted by your device.
This is actually hilarious and no, you shouldn't blindly trust some root CA like this. This defeats the purpose of how PKI works. Public CAs are heavily regulated in terms of auditing and security.
July 10, 2025 at 12:43 PM
This is actually hilarious and no, you shouldn't blindly trust some root CA like this. This defeats the purpose of how PKI works. Public CAs are heavily regulated in terms of auditing and security.
Straight to the code: github.com/ajf8729/Blac...
GitHub - ajf8729/BlackLotus: BlackLotus aka CVE-2023-24932 Detection/Remediation Scripts for Intune, ConfigMgr, and generic use
BlackLotus aka CVE-2023-24932 Detection/Remediation Scripts for Intune, ConfigMgr, and generic use - ajf8729/BlackLotus
github.com
May 19, 2025 at 1:55 PM
Straight to the code: github.com/ajf8729/Blac...