This is the report I sent Acronis about these two bypass bugs in their ransomware protection service which they acknowledged. I lost track of whether or not these are fixed, but they had plenty of time to do it.
This is the report I sent Acronis about these two DoS bugs in their ransomware protection service which they acknowledged. I lost track of whether or not these are fixed, but they had plenty of time to do it.
anti_ransomware_service.exe includes a functionality to quarantine files which will copy the suspected ransomware file from one directory to another using SYSTEM privileges. As any unprivileged user has write permissions in the quarantine folder, it is possible to control this privileged write with a hardlink. This means that an unprivileged user can write/overwrite arbitrary files in arbitrary folders. Escalating privileges to SYSTEM is trivial with arbitrary writes. While the quarantine feature is not enabled per default, it can be forced to copy the file to the quarantine by communicating with the anti_ransomware_service.exe through its REST api.
A continually updated list of the 0-days I am responsible for discovering. This is mainly for my own sake in order to keep track of them. I try to keep the order chronologically from newest to oldest
A showcase of how easy it is to setup and operate a Tor Relay. Everybody should support the right to privacy on the Internet and this is a very easy and convenient way to do it if you already have a VPS running somewhere.