Introduction: An Information disclosure vulnerability was found in the Microsoft XML services, the vulnerability can be exploited to detect files on target machines. The bug is fixed in MS17-022. The exploit uses an XMLDOM object to call res (Microsoft HTML Resource pluggable protocol) URL protocol. By default the support for res protocol is disabled so if you open … Continue reading “Microsoft XML Information Disclosure Vulnerability – CVE-2017-0022”