Main Windows vulnerabilities

Main Windows vulnerabilities

It is less important to know which vulnerabilities are used by attackers to bypass existing access restriction mechanisms. This is what we will talk about. Let’s take a short look at each of them.

.



Stack Corruption

.

Stack corruption is damage to the stack or to an array of data that is stored on the stack.

.

.

.



As you know, all programs that run in any programming language, get into RAM. They are stored there in a kind of “tablets” and these tablets are divided into parts: one part contains commands, the other part contains data, etc. So, where the data is located, there may be situations related to Stack Corruption.

Stack is the cell that stores the information needed for the application to run and knows exactly how to execute the algorithms (there are special addresses and data). An overflow of some variable on a stack can cause that special addresses used by an application to work properly can be overwritten. Overwriting these addresses is a way of intercepting control, and is direct proof that the intercept has occurred.

Heap overflow

.

It is an overflow that occurs on the heap. “On a heap” is if the programmer wrote an application that does a lot of work when processing files, respectively, instead of stack overflow occurs on the heap. This is where the commands are executed, i.e. the information is already taken from, which in the future will open the port, dump some values, or reconfigure the operating system.

.

.

.

.

Heap overflow is a difficult to diagnose error, because each software can have its own heap implementation.

Type Confusion and Use-After-Free

.

These vulnerabilities can be called auxiliary. As for Type Confusion, it is a vulnerability that allows to disable an application or perform additional actions. It is most often used by attackers to corrupt memory.

.

Use-After-Free (UAF) is a vulnerability where a process can go into an undefined state. This vulnerability class itself does not cause problems but under certain conditions commands can be executed. For example, these vulnerabilities may allow memory values to be spoofed, which in turn may lead to execution of malicious code or stop and fail the application itself.

Translated with www.DeepL.com/Translator (free version)



WARNING! All links in the articles may lead to malicious sites or contain viruses. Follow them at your own risk. Those who purposely visit the article know what they are doing. Do not click on everything thoughtlessly.


12 Views

0 0 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments


Do NOT follow this link or you will be banned from the site!
0
Would love your thoughts, please comment.x
()
x

Spelling error report

The following text will be sent to our editors: