As you might have heard, Microsoft recently patched some vulnerabilities: vulnerabilities related to Sandworm CVE-2014-4114 (PowerPoint exploit) and a font parsing vulnerability (CVE-2014-4148). But in this article, I'm more interested in talking about CVE-2014-4113, a local kernel vulnerability whose successful exploitation would give you SYSTEM access. So I started analyzing Microsoft's patch (KB3000061), and during the analysis I found a PoC for this vulnerability in the wild. I combined my patch analysis with reverse engineering of this PoC binary to deeply understand the vulnerability and the exploitation technique. I'll share it step by step, with all the details, so you'll know everything about CVE-2014-4113.
More here: https://www.codeandsec.com/CVE-2014-4113-Detailed-Vulnerability-and-Patch-Analysis