linux-nerds.org

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

One-Click RCE in ASUS's Preinstalled Driver Software

Technology

6 Beiträge 5 Kommentatoren 0 Aufrufe

C This user is from outside of this forum
C This user is from outside of this forum
captainbasculin@lemmy.bascul.in

schrieb zuletzt editiert von

#1

This post did not contain any content.
J 1 Antwort Letzte Antwort

20
C captainbasculin@lemmy.bascul.in

This post did not contain any content.
J This user is from outside of this forum
J This user is from outside of this forum
just_another_person@lemmy.world

schrieb zuletzt editiert von just_another_person@lemmy.world

#2

This person is getting to be fucking annoying.

The title is definitely not as described, only applies to Windows (I think), and won't work without a permissions escalation.

The only reason it's classified as a CVE is because they requested it be such.

There are no payload attacks proven here, or PoC attack code. This person has been posting pretty basic "hacks" for a few years, and makes a mountain out of an anthill every damn time.

Ugh
L R P 3 Antworten Letzte Antwort

4
J just_another_person@lemmy.world

This person is getting to be fucking annoying.

The title is definitely not as described, only applies to Windows (I think), and won't work without a permissions escalation.

The only reason it's classified as a CVE is because they requested it be such.

There are no payload attacks proven here, or PoC attack code. This person has been posting pretty basic "hacks" for a few years, and makes a mountain out of an anthill every damn time.

Ugh
L This user is from outside of this forum
L This user is from outside of this forum
lupusblackfur@lemmy.world

schrieb zuletzt editiert von

#3

This person is getting to be fucking annoying.

‍️ Sounds like a job for the "block user" feature...
1 Antwort Letzte Antwort

2
J just_another_person@lemmy.world

This person is getting to be fucking annoying.

The title is definitely not as described, only applies to Windows (I think), and won't work without a permissions escalation.

The only reason it's classified as a CVE is because they requested it be such.

There are no payload attacks proven here, or PoC attack code. This person has been posting pretty basic "hacks" for a few years, and makes a mountain out of an anthill every damn time.

Ugh
R This user is from outside of this forum
R This user is from outside of this forum
ryannathans@aussie.zone

schrieb zuletzt editiert von

#4

How could it apply to any other operating system than Windows? Pre installed drivers, in a pre installed OS? They probably don't even write drivers for other OS
J 1 Antwort Letzte Antwort

4
R ryannathans@aussie.zone

How could it apply to any other operating system than Windows? Pre installed drivers, in a pre installed OS? They probably don't even write drivers for other OS
J This user is from outside of this forum
J This user is from outside of this forum
just_another_person@lemmy.world

schrieb zuletzt editiert von

#5

Wine or compatibility layers.
1 Antwort Letzte Antwort

0
J just_another_person@lemmy.world

This person is getting to be fucking annoying.

The title is definitely not as described, only applies to Windows (I think), and won't work without a permissions escalation.

The only reason it's classified as a CVE is because they requested it be such.

There are no payload attacks proven here, or PoC attack code. This person has been posting pretty basic "hacks" for a few years, and makes a mountain out of an anthill every damn time.

Ugh
P This user is from outside of this forum
P This user is from outside of this forum
priapus@piefed.social

schrieb zuletzt editiert von

#6

only applies to Windows (I think)

Well yeah, its a vulnerability in the windows software. Nothing they said implied otherwise.

and won't work without a permissions escalation.

I dont think thats true, could you explain why that would be? This article mentioned no need for a permissions escalation. In fact it seems that the RCE is automatically run as administrator by the driver process.
1 Antwort Letzte Antwort

0

Anmelden zum Antworten

T

Atom-Thin Tech Replaces Silicon in the World’s First 2D Computer
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
15

1

124 Stimmen

15 Beiträge

0 Aufrufe

M

That's very cool, but does anyone else think the title image is AI generated? Neither image nor caption seem to sit right, nor fit together. Is the 'caption' actually (derived from) a prompt?
N

public services of an entire german state switches from Microsoft to open source (Libreoffice, Linux, Nextcloud, Thunderbird)
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
252

1k Stimmen

252 Beiträge

10 Aufrufe

J

And that's fine. I agree. Becoming consumist hoarders is what got us to where we're at. Or rather, what allowed companies and institutions to take us here.
P

CIA 2010 covert communication websites: How I found a Star Wars website made by the CIA.
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
22

77 Stimmen

22 Beiträge

2 Aufrufe

F

https://web.archive.org/web/20250526132003/https://www.yahoo.com/news/cias-communications-suffered-catastrophic-compromise-started-iran-090018710.html?ref=404media.co
D

VCs are starting to partner with private equity to buy up call centers, accounting firms and other "mature companies" to replace their operations with AI
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
134

1

275 Stimmen

134 Beiträge

2 Aufrufe

S

Wait until AI reduces it to just owners.
V

Elon Musk's X temporarily down for tens of thousands of users
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
1

1

0 Stimmen

1 Beiträge

1 Aufrufe

Niemand hat geantwortet
D

I just came across an AI called Sesame that appears to have been explicitly trained to deny and lie about the Palestinian genocide
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
9

36 Stimmen

9 Beiträge

2 Aufrufe

T

It's also much easier to implement.
P

What does it mean to ‘accept’ or ‘reject’ all cookies, and which should I choose?
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
30

1

143 Stimmen

30 Beiträge

12 Aufrufe

J

You do not need to ask for consent to use functional cookies, only for ones that are used for tracking, which is why you'll still have some cookies left afterwards and why properly coded sites don't break from the rejection. Most websites could strip out all of the 3rd party spyware and by doing so get rid of the popup entirely. They'll never do it because money, obviously, and sometimes instead cripple their site to blackmail you into accepting them.
J

OpenAI and the FDA Are Holding Talks About Using AI In Drug Evaluation
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
7

1

42 Stimmen

7 Beiträge

2 Aufrufe

B

Yesterday on reddit I saw a photo a patient shot over the shoulder of his doctor of his computer monitor. It had ChadGPT full with diagnosis requests. https://www.reddit.com/r/ChatGPT/comments/1keqstk/doctor_using_chatgpt_for_a_visit_due_to_knife_cut/