Attacking The Windows Kernel presented at Blackhat USA 2007

by Jonathan Lindsay,

Tags: Security Access

Summary : Most modern processors provide a
supervisor mode that is intended to run privileged operating system
services that provide resource management transparently or otherwise to
non-privileged code. Although a lot of research has been conducted into
exploiting bugs in user mode code for privilege escalation within the
operating system defined boundaries as well as what can be done if one
has arbitrary supervisor access (typically related to modern rootkit
work), not a great deal of research has been done on the interface
between supervisor and non-supervisor, and potential routes from one to
the other.