Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Learn about Link Following Vulnerabilities (LFVulns) in Windows file operations through this 14-minute conference presentation from USENIX Security '25. Discover how symbolic links, while designed to enhance user experience in Windows systems, can be exploited when developers fail to properly validate them during file operations, allowing attackers to manipulate system files arbitrarily. Explore comprehensive research that analyzed and reproduced 42 existing LFVulns to identify root causes and detection challenges. Examine LinkZard, an automated prototype tool developed by researchers from Fudan University that combines efficient file state fuzzing in its exploration phase with code wrapping strategies in its exploitation phase to detect and exploit these vulnerabilities. Review the practical application of LinkZard across 120 commercial programs from major vendors including Microsoft, Apple, and Intel, which successfully identified 55 zero-day vulnerabilities, with 49 confirmed and patched by vendors, resulting in 15 CVE assignments and bounty rewards.
