[OffTopic] A vulnerability postmortem on Network Security Services
Kagamin
spam at here.lot
Fri Dec 3 08:36:24 UTC 2021
On Thursday, 2 December 2021 at 08:09:18 UTC, Paulo Pinto wrote:
> Google's Project Zero goes through a memory corruption exploit
> on Network Security Services, where despite all static
> analysers, fuzzers and code reviews, it flew under the radar.
>
> https://googleprojectzero.blogspot.com/2021/12/this-shouldnt-have-happened.html
>
> Hence why @safe matters.
That's tame, see Apple's complaint against NSO group. Pegasus was
delivered through a buffer overflow vulnerability too.
More information about the Digitalmars-d
mailing list