VS-Labs

Analyzing CVE-2019-1436 on Windows 10 v1903

Analyzing CVE-2019-1436 on Windows 10 v1903

VerSprite's Research team uncovers silently patched information leak within Win32k Windows 10 v1709 to v1903. Exploitation of this vulnerability allows attackers to leak the value of win32kbase!gahDpiDepDefaultGuiFonts. Read the N-Day vulnerability and exploit analysis here.

Watch Now

Category

View All
Google Fuchsia OS Sets a New Standard for Operating System Security
Security Research

Google Fuchsia OS Sets a New Standard for Operating System Security

VerSprite Finds Vulnerability in NETGEAR Nighthawk WiFi Router
Security Research

VerSprite Finds Vulnerability in NETGEAR Nighthawk WiFi Router

Unpatched Security Vulnerability in OPTO 22 PAC Basic Software
Security Research

Unpatched Security Vulnerability in OPTO 22 PAC Basic Software

Razer Synapse 3 Security Vulnerability Analysis Report
Security Research

Razer Synapse 3 Security Vulnerability Analysis Report

Windows Named Pipes Part 4: Taking a Trip Down Static Analysis Lane
Security Research

Windows Named Pipes Part 4: Taking a Trip Down Static Analysis Lane

Part 3: Reversing & Exploiting Custom Windows Named Pipe Servers
Security Research

Part 3: Reversing & Exploiting Custom Windows Named Pipe Servers

VerSprite Cyberwatch
Security Research

VerSprite Cyberwatch

Reversing Stories: Updating the Undocumented ESTROBJ and STROBJ Structures for Windows 10 x64
Security Research

Reversing Stories: Updating the Undocumented ESTROBJ and STROBJ Structures for Windows 10 x64

Investigating Microsoft Windows Vulnerability CVE-2019-1169
Security Research

Investigating Microsoft Windows Vulnerability CVE-2019-1169

Automating CVE-2019-1436 Variant Analysis: An Intro to Detecting Information Leaks via IDAPython
Security Research

Automating CVE-2019-1436 Variant Analysis: An Intro to Detecting Information Leaks via IDAPython

Part II: Analysis of a Vulnerable Microsoft Windows Named Pipe Application
Security Research

Part II: Analysis of a Vulnerable Microsoft Windows Named Pipe Application

Part I: The Fundamentals of Windows Named Pipes
Security Research

Part I: The Fundamentals of Windows Named Pipes

Analyzing CVE-2019-1436 on Windows 10 v1903
Security Research

Analyzing CVE-2019-1436 on Windows 10 v1903

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information
Application Security, Security Research

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry
Application Security, Security Research

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry