Console Driver Job Object Process Limit Bypass

2019-05-09T17:57:40
ID AKB:3C4238EA-8945-40BE-9D41-66A957E4C3B4
Type attackerkb
Reporter AttackerKB
Modified 2020-02-13T17:12:41

Description

The console driver in Windows 8.1 can be used to break out of a process with an active process job limit.

Recent assessments:

busterb at 2019-05-09T17:57:41.028596Z reported: Attacker requires too much control in advance for this to be useful.

Assessed Attacker Value: 1 Assessed Exploitability: 1