Jump to content


- - - - -

Duqu's Vulnerabilty

Started by Pouyaaa, Jan 25 2012 11:07 AM

  • Please log in to reply
No replies to this topic

#1 Pouyaaa

Pouyaaa

    Newbie

  • (Junior+)
  • 10 posts

Posted 25 January 2012 - 11:07 AM

Hi guys
I've started diffing the unpatched verstion of win32k (5.1.2600.6149) with patched one (5.1.2600.6178) for finding the bug . So I came up with lots of pointer corruption suspicious instruction bug at sfac_GetSbitBit which is gonna used for parsing TTF. but I don't how what user land APIs used for triggering GetSbitComponent function.

Can u guys give me some suggestion ?

thanks
Back to Malicious Software Research


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Tuts 4 You
  2. Professional Engineering
  3. Malicious Software Research
  4. Privacy Policy
  5. The Board Rules ·