tags:windowsuafrace_conditionbindiffuaf]], original link: Dissecting the CVE-2024-38106 Fix newsletter link: exploits.club Weekly Newsletter 37 - Juicy Overflows, The Art Of Exploitation, Rust in Firmware, and More


Exploits Club Summary:

@b1thvn_ and Pixiepoint Security rolled out a “just the facts” blog on the ITW vuln CVE-2024-38106 which Microsoft patched last month. The post starts with a quick bindiff to show the security relevant patches, and gives a quick overview of the race condition, which leads to a UAF. It ends with a crash PoC and a full crash dump should anyone be interested in continuing their research and carrying out a full RCA or exploit.