17 ч 7 мин, 12 май 2018 г. - RCE in Signal messaging app

Описание:

https://thehackernews.com/2018/05/signal-messenger-vulnerability.html

Security researchers have discovered a severe vulnerability in the popular end-to-end encrypted Signal messaging app for Windows and Linux desktops which could allow remote attackers to execute malicious code on recipients system just by sending a message—without requiring any user interaction.
Discovered by Alfredo Ortega, a software security consultant from Argentina, the vulnerability was announced on Twitter just a few hours ago with a proof-of-concept video, demonstrating how a javascript payload sent over Signal for desktop app successfully got executed on the recipient's system.

Добавлено на ленту времени:

Дата: