A root cause analysis of CVE-2018-0797 - Rich Text Format Stylesheet Use-After-Free vulnerability

April 1, 2018

Over the last few months, the Microsoft Security Response Centre (MSRC) has released a number of Windows updates to fix multiple Use-After-Free (UAF) vulnerabilities discovered by FortiGuard Labs. As stated in our previous blog post, we will provide a technical write-up for one of the UAF issues that was rated as critical by MSRC. The issue is assigned to CVE-2018-0797. In this blog post we will share our methodologies in identifying the root cause of the issue, as well as an analysis of the mitigation deployed by Microsoft to address the UAF vulnerability.

Read more...

Previous Article
Data Breaches Are A Growing Epidemic. How Do You Ensure You’re Not Next?
Data Breaches Are A Growing Epidemic. How Do You Ensure You’re Not Next?

Recent reports of large data breaches are alarming for everyone. Customers worry about the implications of ...

Next Article
Securing IT Modernization at The Federal Level
Securing IT Modernization at The Federal Level

Federal agencies are modernizing legacy IT systems to mitigate cyber risks. Learn why the modernization of ...