ZecOps Research Team

exploitable bug on Microsoft Teams

Crash Analysis Series: An exploitable bug on Microsoft Teams ?! A Tale of One Bit

This is a story about a Microsoft Teams crash that we investigated recently. At first glance, it looked like a possible arbitrary code execution vulnerability, but after diving deeper we realized that there’s another explanation for the crash. TLDR; ZecOps ingested and analyzed an event that seems exploitable on a Windows machine from Microsoft Teams …

Crash Analysis Series: An exploitable bug on Microsoft Teams ?! A Tale of One Bit Read More »

Running code in the context of iOS Kernel: Part I + LPE POC on iOS 13.7

Abstract.  Due to its popularity, iOS has attracted the attention of a large number of security researchers.  Apple is constantly improving iOS security, develops and adapts new mitigations at a rapid pace. In terms of the effectiveness of mitigation measures, Apple increases the complexity of hacking iOS devices making it one of the hardest platforms …

Running code in the context of iOS Kernel: Part I + LPE POC on iOS 13.7 Read More »

Exploring the Exploitability of “Bad Neighbor”: The Recent ICMPv6 Vulnerability (CVE-2020-16898)

At the Patch Tuesday on October 13, Microsoft published a patch and an advisory for CVE-2020-16898, dubbed “Bad Neighbor”, which was undoubtedly the highlight of the monthly series of patches. The bug has received a lot of attention since it was published as an RCE vulnerability, meaning that with a successful exploitation it could be …

Exploring the Exploitability of “Bad Neighbor”: The Recent ICMPv6 Vulnerability (CVE-2020-16898) Read More »

Crash Reproduction Series: Microsoft Edge Legacy

During yet another Digital Forensics investigation using ZecOps Crash Forensics Platform, we saw a crash of the Legacy (pre-Chromium) Edge browser. The crash was caused by a NULL pointer dereference bug, and we concluded that the root cause was a benign bug of the browser. Nevertheless, we thought that it would be a nice showcase …

Crash Reproduction Series: Microsoft Edge Legacy Read More »

This website uses cookies so that we can provide you with the best user experience and to deliver advertising messages and offers that are relevant to you.