腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

[ Browser ] Safari-iOS10.3.2-macOS-10.12.4-exploit-Bugs，利用以下几个漏洞穿越 Safari 的沙箱（TOCTOU in diskarbitrationd/PID reuse logic bug in authd/Arbitrary dylib loading in speechsynthesisd/NULL ptr dereference in nsurlstoraged）： https://github.com/maximehip/Safari-iOS10.3.2-macOS-10.12.4-exploit-Bugs
[ Tools ] SwishDbgExt - WinDbg 的事件响应和数字取证调试扩展： https://github.com/comaeio/SwishDbgExt