Chaining Three Bugs to Get RCE in Microsoft AttackSurfaceAnalyzer ↳...

Chaining Three Bugs to Get RCE in Microsoft AttackSurfaceAnalyzer

↳ https://parsiya.net/blog/2019-06-18-chaining-three-bugs-to-get-rce-in-microsoft-attacksurfaceanalyzer/

This is a blog post about how I found three vulns and chained them to get RCE in the Microsoft AttackSurfaceAnalyzer (ASA moving forward) GUI version. Around a month ago someone posted a link to the new version of the tool from Microsoft….

from Hack+ https://ift.tt/2K0YevS
via IFTTT