Twitter | Pretraživanje | |
Matt Miller
Killing bug classes and breaking exploits as part of . Adding more entropy to the Internet.
1.177
Tweetovi
632
Pratim
10.550
Osobe koje vas prate
Tweetovi
Matt Miller 30. sij
Odgovor korisniku/ci @loobeny @msftsecresponse
Thanks for flagging, I'll pass this on to the team to take a look at
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 27. sij
Not sure if this is an official account or not, adding who might know for sure :)
Reply Retweet Označi sa "sviđa mi se"
Matt Miller proslijedio/la je tweet
Hari Pulapaka 27. sij
we have an update to DTrace on Windows. with the latest 20H1 insider build, no more KD required to use dtrace on windows. plus arm64 MSI.
Reply Retweet Označi sa "sviđa mi se"
Matt Miller proslijedio/la je tweet
—(÷[ Nate Warfield speaking @ BlueHat IL ]÷)— 24. sij
We updated the Security Servicing Criteria for Windows today clarifying a non-boundary (Hyper-V Administrator Group) & expanding the Administrator-to-Kernel non-boundary. We do this periodically in response to research trends; feedback is always welcome.
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 21. sij
Super excited for in a few weeks I'll be attending the conference, so shoot me a DM if you want to meet or catch up :) Thanks to & team as well as all of the speakers for putting together a great agenda!
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 21. sij
Here's your chance to hear tell the story of MS08-067 and finding exploits in crash reports :) And in case you missed the blog post he published a while ago:
Reply Retweet Označi sa "sviđa mi se"
Matt Miller proslijedio/la je tweet
Dave dwizzzle Weston 18. sij
Agree this is a good analysis. Props.
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 16. sij
Worth checking out if you're interested in safer programming language research!
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 16. sij
Odgovor korisniku/ci @GossiTheDog @aionescu i 12 ostali
Here's another citation from the first use of this API :) cc
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 16. sij
Great in-depth analysis of many of the changes that have been made thus far to support CET on Windows Looking forward to the future of CET capable CPUs :)
Reply Retweet Označi sa "sviđa mi se"
Matt Miller proslijedio/la je tweet
JarekMSFT 15. sij
Increased bounty awards for the new Microsoft Edge starting today. We'll continue to award on repro for the new Edge program.
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 14. sij
Odgovor korisniku/ci @tekwizz123 @insecur1tea @j00ru
During variant analysis of the issue, some other functions were spotted as having a similar vulnerability and fixed in previous versions. This is actually an old bug class that spotted a while back, but unfortunately crept back into a few places
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 10. sij
Odgovor korisniku/ci @tekwizz123 @insecur1tea
No worries, I know it's not obvious from the advisory :)
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 10. sij
Odgovor korisniku/ci @tekwizz123 @insecur1tea
Good write-up, just one correction: this was not a silent patch, it was the fix for CVE-2019-1436
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 10. sij
This is a great opportunity to perform research related to Microsoft's Identity services that's supported by a research grant up to $75K Bonus: any vulnerabilities you find during the research may be eligible for additional bounty rewards :)
Reply Retweet Označi sa "sviđa mi se"
Matt Miller proslijedio/la je tweet
Arthur Wongtschowski 9. sij
My team is once more hiring vulnerability researchers for our Redmond WA office. This is for low-level OS/platform security research work on Windows and Azure. More details on what we do at . Apply directly at or DM me if interested!
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 7. sij
Kudos to the GPZ team for their willingness to explore new vulnerability disclosure policies in addition to doing great research :) At the risk of wading into a disclosure debate (plz no), I think these policy changes will help improve customer safety
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 2. sij
Odgovor korisniku/ci @nickcano93 @RolfRolles i 2 ostali
A standardized index would be nice, but independent rediscovery can be a great way to leverage your motivation and really learn something new versus just reading about it 🙂 For example, I found out about Peter’s paper after writing locreate and I’m glad it worked out that way
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 2. sij
Odgovor korisniku/ci @hh86_ @hasherezade i 2 ostali
Another good one from and from defcon 20 on abusing ELF metadata
Reply Retweet Označi sa "sviđa mi se"
Matt Miller 2. sij
Odgovor korisniku/ci @hh86_ @hasherezade
Peter Szor also had a nice article in virus bulletin (April 2001) called “Tricky Relocations” talking about some samples he encountered that were abusing relocations: I also played around with relocs a while back, they’re fun 🙂
Reply Retweet Označi sa "sviđa mi se"