by Heath Adams | Jun 1, 2022 | Exploit Development
Introduction It was reported on May 30th by Microsoft that the Microsoft Support Diagnostic Tool (MSDT) was being actively exploited to obtain RCE on systems. The vulnerability, which can be executed through malicious Office documents, can be used to access remote...
by Heath Adams | Aug 20, 2021 | Exploit Development
If you’ve ever tried to run a command prompt as administrator on your Windows OS before, you’ve seen a harmless popup appear. This is Windows User Account Control, or UAC. According to Microsoft, UAC “is a fundamental component of Microsoft’s overall security vision....
by Heath Adams | Aug 3, 2021 | Exploit Development, Penetration Testing
Trendy vulnerabilities like PrinterNightmare and attacking Active Directory Certificate Services may seem incredible currently (and they are), but they end up being manually patched out and dealt with over time. Systems administrators will consider their risk and...