We have to assume there are vulenerabilities, precisely as you say. The goal is to design a system around this assumption. For this there are known techniques, which Windows does not appear to be using.
That is, I'm not holding anybody accountable for the particular error in SMB. This is unavoidable. What I take issue with is how this error allowed code injection and escalation.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
We have to assume there are vulenerabilities, precisely as you say. The goal is to design a system around this assumption. For this there are known techniques, which Windows does not appear to be using.
That is, I'm not holding anybody accountable for the particular error in SMB. This is unavoidable. What I take issue with is how this error allowed code injection and escalation.