Windows Docker Information Disclosure Vulnerability (CVE-2021-1645)
In 2020, we discovered a vulnerability in the Microsoft Docker implementation and reported it to Microsoft. Microsoft published updates for its Windows client and ...
Read MoreSearch
What is Zero-Trust?
The acute lockdown caused by Covid-19 has caused extraordinary changes in companies and for employees and, to put it mildly, significantly increased the importance ...
Read MoreThe Importance of Trust Validation: Microsoft’s Dangerous Mistake
Vulnerability in VSIX signature validation Last year we discovered a vulnerability in the Visual Studio Extension (VSIX) installer, which comes with ...
Read MoreUnfulfilled Expectations: Revoked Certificates in JAR Signing
Oracle JarSigner does not check CRLs In April 2020 we became aware of a conceptual security issue in the Java JarSigner. The JarSigner does not check ...
Read More