August 9, 2024

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE

Microsoft researchers recently identified multiple medium severity vulnerabilities in OpenVPN, an open-source project with binaries integrated into routers, firmware, PCs, mobile devices, and many other smart […]
May 2, 2024

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps

Microsoft discovered a path traversal-affiliated vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s home […]