PolyWolf on Security

1-click Windows 10 RCE

Posted on 2021-12-07: https://positive.security/blog/ms-officecmd-rce

Computer text showing how to exploit the vulnerability
Image courtesy of{" "} @_mattata . I love the "--disable-gpu-sandbox" and "--gpu-launcher" flags, it makes the exploit seem so simple and yet the engineering decisions and discovery process were likely very complex