MsMpEng: mpengine x86 Emulator Heap Corruption in VFS API

I discussed Microsoft’s “apicall” instruction that can invoke a large number of internal emulator apis and is exposed to remote attackers by default in all recent versions of Windows. I asked Microsoft if this was intentionally exposed, and they replied “The apicall instruction is exposed for multiple reasons”, so this is intentional. This full system… Read More MsMpEng: mpengine x86 Emulator Heap Corruption in VFS API