Analysis of CVE-2024-21310 Pool Overflow Windows Cloud Filter Driver

This vulnerability does not have a public Proof of Concept, so we will have to start from scratch based on the limited information provided by Microsoft. We will need to reverse engineer and perform a BinDiff on the vulnerable and patched clfd.sys component to identify the vulnerability and find a way to trigger it.

Read More

Fuzzing WinRAR 7zip library

As the title says, we are going to fuzz the 7zip format of winrar, where all the methods and functions used by the 7zip format are found in the dll 7zxa.dll.

Read More