I have written a short article about improper authorities on user
profiles that may allow privilege escalation via the QSYGETPH and
QWTSETP APIs.

http://www.i5sec.com/articles/finding-dangerous-user-profile-authorities.html

Any feedback would be appreciated.


As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2021 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.