- A+
Tencent Security Xuanwu Lab Daily News
• [Windows] WSUS Attacks Part 2: CVE-2020-1013 a Windows 10 Local Privilege Escalation 1-Day:
https://www.gosecure.net/blog/2020/09/08/wsus-attacks-part-2-cve-2020-1013-a-windows-10-local-privilege-escalation-1-day/
・ Windows WSUS 更新服务 CVE-2020-1013 提权漏洞的利用
– Jett
• [Tools] Using Qiling to resolve obfuscated import on windows:
https://gist.github.com/y0ug/b83fcf121f80d419c8d5eb342ca31a59
・ 利用 Qiling 框架自动化分析混淆样本的导入表信息
– Jett
• [Android] Attacking the Qualcomm Adreno GPU:
https://googleprojectzero.blogspot.com/2020/09/attacking-qualcomm-adreno-gpu.html
・ 从 Android App 沙箱内攻击 Qualcomm Adreno GPU,实现内核代码执行
– Jett
• [Tools] Creating Extensions for Visual Studio Code: A Complete Guide | Syncfusion Blogs:
https://www.syncfusion.com/blogs/post/creating-extensions-for-visual-studio-code-a-complete-guide.aspx
・ 为Visual Studio Code创建新扩展功能:完整指南手册。
– lanying37
• [Windows] TALOS-2020-1098 || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1098
・ Windows 10 CLFS.sys ValidateRegionBlocks 堆溢出漏洞分析
– Jett
• Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers:
https://threatpost.com/critical-adobe-flaws-attackers-javascript-browsers/159026/
・ Adobe 发布补丁更新,修复多个产品的多个的漏洞
– Jett
• [Tools, Windows] 2051 - Windows: CloudExperienceHostBroker Unsafe COM Object EoP - project-zero:
https://bugs.chromium.org/p/project-zero/issues/detail?id=2051
・ Issue 2051: Windows: CloudExperienceHostBroker Unsafe COM Object EoP
– Jett
• [Fuzzing] [PDF] https://hexgolems.com/talks/fuzzcon2020.pdf:
https://hexgolems.com/talks/fuzzcon2020.pdf
・ Fuzzcon 2020 会议 “Stateful Fuzzing with Snapshots” 议题的 PPT
– Jett
• GitHub - saaramar/echo_googlequals2020:
https://github.com/saaramar/echo_googlequals2020
・ Google Quals CTF 2020 Echo PWN Challenge Writeup
– Jett
• [Linux] Introduction to Embedded Linux Security - part 1:
https://embeddedbits.org/introduction-embedded-linux-security-part-1/
・ 嵌入式Linux安全性介绍-第1部分。
– lanying37
• September 2020 Security Updates:
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Sep
・ 微软发布 9 月份 Windows 补丁更新
– Jett
• DmEnrollment Service - MDMdiagnostics - Google Docs:
https://docs.google.com/document/d/120J4YG5FoycAsOhMe0SRYt_8sgEYY8A23tQBRwR5zSU/edit#
・ DmEnrollment 服务 MDMdiagnostics 注册表项权限问题导致本地提权
– Jett
• [Web] h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c):
https://labs.bishopfox.com/tech-blog/h2c-smuggling-request-smuggling-via-http/2-cleartext-h2c
・ h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab