In-the-Wild Series: Windows Exploits

This is part 6 of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other parts of the series, see the introduction post.

Posted by Mateusz Jurczyk and Sergei Glazunov, Project Zero

In this post we'll discuss the exploits for vulnerabilities in Windows that have been used by the attacker to escape the Chrome renderer sandbox.

1. Font vulnerabilities on Windows ≤ 8.1 (CVE-2020-0938, CVE-2020-1020)

Background

The Windows GDI interface supports an old format of fonts called Type 1, which was designed by Adobe around 1985 and was popular [...]