CTF Protocol Serves as a Low-Level Way to Take Over Windows Machines

CTF Protocol Serves as a Low-Level Way to Take Over Windows Machines. It has been found to be insecure. Messages between windows in a session were being handled by “CTF”, which is buried as part of the Windows Text Services Framework. CTF can change the rails the program is running on in real time. But Ormandy found there was no access control in CTF. Any application, even a sandboxed process — can connect to any CTF session. If an app has a high level of privileges, the attacker may be able to take full control over a victim’s computer.”]

Source: https://www.darkreading.com/abtv/ctf-protocol-serves-as-a-low-level-way-to-take-over-windows-machines/a/d-id/753531

Something Fresh

What to Know About The Jamaica Data Protection Act

St Vincent and the Grenadines embracing CariSECURE

Jamaica's Gov’t Looking to Finalize Data Protection Act Regulations

What People Reading

Feedback and data-driven updates to Googles disclosure policy

Mozilla Says Google's New Ad Tech - FLoC - Doesn't Protect User Privacy

Selling technology to cops, part 2

Launching AnonLeaks, Ready To Dump More HBGary E-mails!

RSA: Geolocation shows just how dead privacy is

Categories

Partners

Just add here your partners image or promo text