Vulnerability in Microsoft CTF protocol goes back to Windows XP

CTF, a little-known Microsoft protocol used by all Windows operating system versions since Windows XP, is insecure and can be exploited with ease. According to Tavis Ormandy, a security researcher with Google’s Project Zero elite security team and the one who discovered the buggy protocol, hackers or malware that already have a foothold on a user’s computer can use the protocol to take over any app, high-privileged applications, or the entire OS, as a whole.

Read full article on ZDNet