腾讯网

Windows 错误报告服务 ALPC 提权漏洞 PoC 利用代码公开

随着概念验证(PoC)利用代码的公开,微软 Windows 操作系统中的一个严重本地提权(LPE)漏洞(CVE-2026-20817)浮出水面。该漏洞存在于 Windows 错误报告(WER)服务中,允许低权限认证用户执行任意恶意代码并获取 SYSTEM 级完全权限。 安全研究员 @oxfemale(X/Twitter ...
电子工程专辑

收藏:2024年AIPC行业概览

01、概念界定:Al PC指内嵌个人大模型的计算机系统 目前业界内尚未出现关于AlPC的官方定义。本报告基于业界对于AlPC的典型特征的描述,定义AIPC。 其包括两层含义,一层指Al个人电脑,在电脑终端内嵌个人大模型,通过大模型压缩计算,可以创建个性化本地 ...
ZDNet

Recent Windows ALPC zero-day has been exploited in the wild for almost a week

Two days after a security researcher released details and proof-of-concept code about an unpatched Windows zero-day, one malware group had already incorporated the vulnerability in their exploit chain ...
Bleeping Computer

Temporary Patch Available for Recent Windows Task Scheduler ALPC Zero-Day

Earlier this week a security researcher released exploit code for a Windows zero-day affecting the Task Scheduler ALPC interface. Today, cyber-security firm Acros Security published a temporary fix ...