Analysis of CVE-2019-0708 (BlueKeep)

Binary Diffing As always, I started with a BinDiff of the binaries modified by the patch (in this case there is only one: TermDD.sys). Below we can see the results. Most of the changes turned out to be pretty mundane, except for “_IcaBindVirtualChannels” and “_IcaRebindVirtualChannels”. Both functions contained the same Read more…

en_USEnglish
si_LKSinhala en_USEnglish