Tag: research

Clarification – BGInfo 4.22 – AppLocker still vulnerable

Posted on by Oddvar Moe [MVP]

Just wanted to do a quick follow-up on this bypass. Seems that BGInfo 4.22 still can be used to bypass AppLocker using the techniques I showed in my previous post. Meaning that if you use AppLocker as whitelisting solution I guess you must deny BGInfo.exe in order to prevent this bypass. Screenshots from an AppLocker … Continue reading Clarification – BGInfo 4.22 – AppLocker still vulnerable

Bypassing Application Whitelisting with BGInfo

Posted on by Oddvar Moe [MVP]

TL;DR BGinfo.exe older than version 4.22 can be used to bypass application whitelisting using vbscript inside a bgi file. This can run directly from a webdav server. UPDATE: 22.05.2017 AppLocker is still vulnerable with Bginfo 4.22. A blogpost about that here: https://oddvar.moe/2017/05/22/clarification-bginfo-4-22-applocker-still-vulnerable/ UPDATE: 19.06.2017 Microsoft has thanked me in their documentation for this finding. The … Continue reading Bypassing Application Whitelisting with BGInfo

Accessing clipboard from the lock screen in Windows 10 #2

Posted on by Oddvar Moe [MVP]

#UPDATE# This issue is fixed in the Windows 10 1803 versions and newer.   I received a lot of positive feedback on my previous post on accessing the clipboard from the lock screen using the wireless password field. Just out of curiosity I tried other combinations on doing the same thing, and I found out … Continue reading Accessing clipboard from the lock screen in Windows 10 #2

Accessing clipboard from the lock screen in Windows 10

Posted on by Oddvar Moe [MVP]

#UPDATE# This issue is fixed in the Windows 10 1803 versions and newer.   I discovered something interesting that I wanted to be shared with the rest of the world. Before you read any further, I want you to know that I did send an email to MSRC (Microsoft Security Response Center) about this. The … Continue reading Accessing clipboard from the lock screen in Windows 10