subject:"Defense in depth \-\- the Microsoft way \(part 51\)\: Skype's home\-grown updater allows escalation of privilege to SYSTEM"

Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM

2018-02-12 Thread Stefan Kanthak

Hi @ll, since about two or three years now, Microsoft offers Skype as optional update on Windows/Microsoft Update. JFTR: for Microsoft's euphemistic use of "update" see Once installed, Skype uses its own proprietary update mechanism instead

Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM

2018-02-14 Thread Jeffrey Walton

On Fri, Feb 9, 2018 at 1:01 PM, Stefan Kanthak wrote: > Hi @ll, > > since about two or three years now, Microsoft offers Skype as > optional update on Windows/Microsoft Update. > > JFTR: for Microsoft's euphemistic use of "update" see > > > On

Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM

2018-02-15 Thread Stefan Kanthak

"Jeffrey Walton" wrote: > On Fri, Feb 9, 2018 at 1:01 PM, Stefan Kanthak > wrote: [ http://seclists.org/fulldisclosure/2018/Feb/33 ] > Not sure if this is related, but: > https://winbuzzer.com/2018/02/14/microsoft-just-killed-skype-classic-response-unfixable-security-bug-xcxwbn/ This is of c

Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM

Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM

Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM

3 matches

Site Navigation

Mail list logo

Footer information