by AustinDizzy 3921 days ago
Well, two years ago I tried to report a few fairly critical security vulnerabilities on update.windows.com and they responded saying it wasn't an issue. I'd consider denial of service, buffer overflow, possible remote code execution (didn't test because I didn't want to make MSFT mad), and sensitive configuration information enumeration critical vulnerabilities. Especially on update.microsoft.com, which distributes Windows updates. But apparently they don't. So who knows.

I'm not saying the OP's link is a result of these vulns being exploited, but them being exploited is always a possibility in the future if it hasn't already happened or been fixed.

1 comments

How did you verify a buffer overflow in their remote code?