Windows 10, Elevator Action presented at PacSec 2015

by James Forshaw,

Summary : Windows is a fertile group for elevation of privilege vulnerabilities especially in new versions which introduce interesting features. Complexity however risks introducing bugs, some of which can be exploited to get system or kernel privileges. This presentation will describe some of the new features in Windows 10, some of the changes which have been made to old features and how this has an impact on local privilege escalation. I'll also show some interesting, rarely documented techniques to exploit certain types of vulnerabilities to get local system or kernel privileges from a sandbox or a normal user account.