NT OS Kernel Information Disclosure Vulnerability

https://www.crowdfense.com/nt-os-kernel-information-disclosure-vulnerability-cve-2025-53136/
71•voidsec•3h ago

Comments

Jare•2h ago
I went to check when the bug had been patched, and was left wanting. I however lack the expertise to really appreciate how much danger exists in practice, or for whom. I just know I do have Win11 24H2 and "This leak primitive is particularly useful for Windows versions 24H2 or later"
Ethee•2h ago
If you follow the CVE link included: https://msrc.microsoft.com/update-guide/vulnerability/CVE-20...

It would seem this was patched in the Aug 12 security patch rollout.

Jare•33m ago
Wow thanks! I didn't even realize that was a link, it looks like just any other bold text in the page. It's weird this page would be published in Sept (if I understand correctly) and not mention the patch, but in any case that's good.
MattSteelblade•1h ago
This type of exploit is useful as part of a chain of exploits; it defeats a defense-in-depth protection.
twoodfin•1h ago
Specifically, it leaks a kernel address inside a security-sensitive structure, which is supposed to be unpredictable / unknowable because the layout of kernel memory is randomized.

If you have another exploit that will write bytes under the attacker’s control to an attacker-supplied kernel address, you will be able to do the Windows equivalent of escalating to root.

KyleBerezin•1h ago
I find myself thinking "wow, what an obvious bug. How did Microsoft not catch that?" but then I think back to some of my own extremely obvious bugs. Thankfully my code is much lower impact.
btreecat•1h ago
I still think of the lessons learned from a root traverse bug I accidentally coded into one of our internal apps as a jr dev.

You could change the URL of the image, and get any file off the system to download as long as the service account had read access.

Invaluable XP, and really glad everything was behind AD authentication and internal users were trustworthy enough and operating in a network isolated context.

globular-toast•50m ago
Yeah, having learnt very similar (if not the same) lessons myself the hard way I see great value in being able to fail badly, but with low stakes. I catch loads of bugs like these from jrs before they hit prod but I don't feel like they're learning the fundamentals of security like trust, sanitising inputs, least privilege etc.
lawlessone•12m ago
Sounds like how WordPress used to be. Could explore all the folders and get any file off the site with something like website.com/content/2010/
lysace•1h ago
Random: Perhaps that full source code leak in 2004 actually helped harden the kernel, long term?

https://betanews.com/2004/02/13/windows-source-leak-traces-b...

p_ing•41m ago
KASLR was not present in Windows 2000, which is what this vulnerability breaks through.
lysace•29m ago
That’s one vulnerability.
mkolassa•24m ago
It’s interesting that the KB that patches this on Windows 11 (KB5063878) is the same one that was tied up in all the Phison SSD drama.
