Ahahaha !!! :D Not that bad, Alex !! "hackcompat" rotfl

-----Original Message-----
From: Ros-dev [mailto:[email protected]] On behalf of Thomas Faber
Sent: Monday, 9 February 2015 19:55
To: ReactOS Development List
Subject: Re: [ros-dev] [ros-diffs] [hbelusca] 66192: [WINLOGON][WIN32K] Move the shutdown privilege check from winlogon to win32k (function "UserInitiateShutdown") as it should be done. [WIN32K] - Introduce the pair of UserInitiateS...

Well, we don't need to be jailbroken, so we can be secure. ;)
Let's fix it, blog about it, and get someone to publish something along the lines of "Open Source Windows clone more secure than Windows -- ReactOS developers fixed vulnerability, but Microsoft's response to the same issue still outstanding"
Everyone wins :D

On 2015-02-09 19:37, Alex Ionescu wrote:
> This would be the win32k 0 day that's been blogged and unfixed in
> Windows for over 4 years now, and which allows the Surface RT to be
> jailbroken. You really want to fix this? :( What about hackcompat?!
>
> Best regards,
> Alex Ionescu
>
> On Sun, Feb 8, 2015 at 12:37 AM, Thomas Faber
> <[email protected]>
> wrote:
>
>> On 2015-02-07 16:26, [email protected] wrote:
>>> @@ -792,24 +791,54 @@ >>> case UserThreadInitiateShutdown: >>> { >>> ERR("Shutdown initiated\n"); >>> - STUB; >>> - Status = STATUS_NOT_IMPLEMENTED; >>> + >>> + if (ThreadInformationLength != sizeof(ULONG)) >>> + { >>> + Status = STATUS_INFO_LENGTH_MISMATCH; >>> + break; >>> + } >>> + >>> + Status = UserInitiateShutdown(Thread, >> (PULONG)ThreadInformation); >>> break; >>> }
>>
>> This looks like contrary to the other cases, ThreadInformation is
>> neither probed, nor accessed inside SEH here?

_______________________________________________
Ros-dev mailing list
[email protected]
http://www.reactos.org/mailman/listinfo/ros-dev
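
Review bot: In the UserThreadInitiateShutdown case, ThreadInformation is cast to PULONG and handed straight to UserInitiateShutdown; the only validation in the hunk is the ThreadInformationLength != sizeof(ULONG) check, which says nothing about where the pointer points. If this buffer is caller-supplied, as the reply above implies it is for the other cases, it should be probed and read inside an SEH block (ProbeForRead, plus ProbeForWrite if the callee stores a result through it), the ULONG captured into a local, and a pointer to that kernel copy passed to UserInitiateShutdown, with any output written back to the caller's buffer under SEH afterwards. As written, nothing in the hunk stops an invalid or kernel-space address from being dereferenced by the callee, and capturing the value first also prevents it from changing between the check and the use.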
