WorstFit: Exploiting Hidden Transformers in Windows ANSI
2025-01-09
Security researcher Orange Tsai unveils WorstFit, a novel attack surface in Windows. WorstFit abuses the Best-Fit charset conversion feature: when UTF-16 strings are converted to the ANSI code page, characters with no exact counterpart are silently mapped to "best-fit" substitutes, and these unexpected transformations lead to path traversal, argument injection, and even remote code execution (RCE). Because Best-Fit mappings vary with the system's language configuration and are hard to predict, numerous well-known applications are affected. The research highlights the challenges of patching this in the open-source ecosystem and proposes mitigations such as using wide-character APIs.
Tech
Character Encoding