by CIRT Team
Desktop Window Manager vulnerability
Window Manager vulnerability Description:CVE-2021-28310 is an out-of-bounds (OOB) write vulnerability in dwmcore.dll, which is part of Desktop Window Manager (dwm.exe). Due to the lack of bounds checking, attackers are able to create a situation that allows them to write controlled data at a controlled offset using DirectComposition API. Impact:It is an escalation of privilege (EoP) exploit that is likely used together with other browser exploits...
Read More