A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported (and some legacy) versions of Windows could spell trouble for enterprise defenders. Discovered by a security researcher named Florian and reported to Microsoft, the vulnerability is yet to be patched. In the meantime, the researcher has gotten the go-ahead from the company to publish a PoC exploit. The vulnerability and the PoC Florian found the bug while working on … More

The post A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs appeared first on Help Net Security.