#patch-bypass
3 posts tagged #patch-bypass.
-
Analysis · May 8, 2026 · The Field Notes Desk
Qlik patched the smuggling bug, then Praetorian beat it with one extra letter
On August 29, 2023, Qlik shipped a literal-string filter for chunked transfer encoding. Three weeks later Praetorian sent tchunked, the desync came back, and Cactus ransomware spent the next two months harvesting the administrators who thought they were done patching.
-
Analysis · May 5, 2026 · The Field Notes Desk
SharePoint's two-week window: patched servers were still exploitable
Organizations that patched SharePoint on July 9 did everything right and were still vulnerable. Microsoft's first fix was incomplete, and ransomware operators had the gap memorized.
-
Analysis · May 5, 2026 · The Field Notes Desk
The patch that wasn't: why SharePoint's fix needed a fix
CVE-2025-53770 bypassed Microsoft's July patch for SharePoint within days. The problem isn't bugs. It's that incomplete fixes are a pattern, and patch compliance frameworks can't measure patch quality.