
How do they find exploits like this? Do they check every single kernel function for unchecked pointers? Do they have some automated way to discover this?


On figure 4 the legend says that static code analysis made it possible to discover the chain of calls.


How many billions are MS making from Windows? Why aren't they doing that static analysis??


Maybe they are and this was already documented internally, but potentially marked as a low threat, but now that it was found outside of Microsoft it's a bigger problem? I'm just spitballing here; one would have to assume that Microsoft is doing static code analysis.


OK, but it wasn't found before the current OS cycle presumably because one would imagine they'd fix it ... ha-ha!

So it either wasn't found or they found it and continued to bake it into the OS nonetheless. Which is better?



