Security Alerts & News
by Tymoteusz A. Góral

History
#1034 Google Project Zero: A year of Windows kernel font fuzzing #1: the results
This post series is about how we used at-scale fuzzing to discover and report a total of 16 vulnerabilities in the handling of TrueType and OpenType fonts in the Windows kernel during the last year. In part #1 here, we present a general overview of the font security area, followed by a high-level explanation of the fuzzing effort we have undertaken, including the overall results and case studies of two bug collisions. In the upcoming part #2, we will share the specific technical details of the project, and how we tried to optimize each part of the process to the maximum extent, and go beyond the current state of the art in Windows kernel font fuzzing.
Read more
#1036 Hard Rock Las Vegas, Noodle and Co. confirm hacks
#1035 The latest Android overlay malware spreading via SMS phishing in Europe
#1034 Google Project Zero: A year of Windows kernel font fuzzing #1: the results
#1033 High-severity bugs in 25 Symantec/Norton products imperil millions
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12