tags: windows uaf XFG lpe
original link: A Trick, The Story Of CVE-2024-26230
newsletter link: exploits.club Weekly Newsletter 16


Exploits Club Summary:

Sticking to the Microsoft theme, @KeyZ3r0 released a post this week discussing a vuln he discovered, exploited and reported in Windows Telephony Server. The UAF vuln is relatively straightforward, in which there is no check to see if an object being freed is owned by the context handle. The write-up then details the Heap Fengshui used to exploit the vuln, including a nice XFG bypass.