Monthly Archives: April 2015

Keep your Windows servers patched

Unlike Heartbleed and Shellshock, this vulnerability hasn’t gotten much attention. And so far it “only” results in a denial of service by crashing unpatched servers. The new vulnerability found (and patched) in HTTP.sys in Windows is super simple to exploit

Tagged with: , , , ,
Posted in Hacking

OS X 10.10.3 still vulnerable

I just wanted to notify our readers interested in OS X security about a new finding that Patrick Wardle has made. He stated in his blog that he’s able to exploit rootpipe on a fully patched OS X 10.10.3! If

Tagged with: , , ,
Posted in Hacking

Hidden backdoor API to root privileges in Apple OS X

TL;DR The Admin framework in Apple OS X contains a hidden backdoor API to root privileges. It’s been there for several years (at least since 2011), I found it in October 2014 and it can be exploited to escalate privileges

Tagged with: , ,
Posted in Hacking