A few weeks ago, I reported a Local Privilege Escalation (LPE)affecting version <1.0.7 of EVGA’s Precision X1 performance software. This vulnerability was patched in version 1.0.7.

Vulnerability Details

While looking at the services created by the application, I noticed that a driver service, “WinRing0_1_2_0,” was started on the system and correlated to…

Introduction

Attacks against Windows kernel mode software drivers, especially those published by third parties, have been popular with many threat groups for a number of years. Popular and well-documented examples of these vulnerabilities are the CAPCOM.sys arbitrary function execution, Win32k.sys local privilege escalation, and the EternalBlue pool corruption. …

Matt Hand

I like security, picking up heavy things, and burritos. Adversary Simulation @ SpecterOps. github.com/matterpreter

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store