- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have as well.
Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have as well.
I’m not sure if this article is disingenuous or if I’m just confused… but it states when MS scanned their customers’ environments, they discovered malware making changes to the Chrome config. And the Safari CVE was patched in September. So we don’t have proof of this happening in the wild then?
What’s more, the Safari exploit requires making changes to a protected directory. But no indication of how that is done by just the browser exploit. Did the attackers already have access to the machine? If so, this article is a nothing burger.