Root Cause Analysis of Windows Kernel UAF Vulnerability lead to CVE-2016-3310

August 17, 2016

  In the first quarter of 2016, we realized that there were tons of windows kernel use-after-free (UAF) vulnerability patches in Microsoft bulletins where most of the vulnerabilities came from Google Project Zero, which is favourable to us because we can easily access those proof-of-concepts (POC). While doing a root cause analysis of one of the UAF vulnerabilities stated in CVE-2015-6100, we discovered that there is an alternative way to trigger the same UAF vulnerability, even after the specified patch has been applied due to weak security...

Read more...

Previous Article
Q&A with Andy Travers on the Unique Security Requirements of Government Agencies 
Q&A with Andy Travers on the Unique Security Requirements of Government Agencies 

The Government of Canada selected Fortinet to secure its IT infrastructure. Fortinet's Andy Travers shares ...

Next Article
Protecting Your Organization from the WCry Ransomware
Protecting Your Organization from the WCry Ransomware

Ransomware has become the fastest growing malware threat, targeting everyone from home users to healthcare ...