17 matches found
CVE-2026-21709
A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement...
EUVD-2026-23438
A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement...
CVE-2026-21709
A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement...
CVE-2026-21709
A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement...
CVE-2026-21709
CVE-2026-21709 describes a local-privilege-elevation bypass of Windows Driver Signature Enforcement. Public references in the initial data (NVD) and multiple security feeds confirm a local attacker with administrator privileges can bypass driver signing requirements, with CVSS v3.1 metrics indica...
CVE-2026-21709
A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement...
PT-2026-33497
New from Eclypsium: CVE-2026-25250. A Microsoft-signed third-party bootloader that completely skips signature verification when loading drivers. Secure Boot bypass on most Windows systems. Discovered by Mickey Shkatov and Stas Lyakhov. Patch now. https://t.co/ofZmE2CVeN https://t.co/FhYKdMNdxJ...
Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel
A new attack technique could be used to bypass Microsoft's Driver Signature Enforcement DSE on fully patched Windows systems, leading to operating system OS downgrade attacks. "This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits that can neutralize...
CVE-2023-20568
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code execution...
New WinTapix.sys Malware Engages in Multi-Stage Attack Across Middle East
An unknown threat actor has been observed leveraging a malicious Windows kernel driver in attacks likely targeting the Middle East since at least May 2020. Fortinet Fortiguard Labs, which dubbed the artifact WINTAPIX WinTapix.sys, attributed the malware with low confidence to an Iranian threat...
PT-2022-26221
Name of the Vulnerable Software and Affected Versions Zemana AntiMalware version 3.2.28 Watchdog Anti-Malware version 4.1.422 Description The issue allows for arbitrary code injection, which can be exploited to execute code in kernel mode. This can lead to disabling mandatory driver signature...
Exploit for Code Injection in Watchdog Anti-Virus
CVE-2022-42045 Summary We discovered an Arbitrary code in...
Researchers Discover UEFI Bootkit Targeting Windows Computers Since 2012
Cybersecurity researchers on Tuesday revealed details of a previously undocumented UEFI Unified Extensible Firmware Interface bootkit that has been put to use by threat actors to backdoor Windows systems as early as 2012 by modifying a legitimate Windows Boot Manager binary to achieve persistence...
CVE-2018-8549
A security feature bypass exists when Windows incorrectly validates kernel driver signatures, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows 1...
R0Ak (The Ring 0 Army Knife) - A Command Line Utility To Read/Write/Execute Ring Zero On For Windows 10 Systems
r0ak is a Windows command-line utility that enables you to easily read, write, and execute kernel-mode code with some limitations from the command prompt, without requiring anything else other than Administrator privileges. Quick Peek r0ak v1.0.0 -- Ring 0 Army Knife...
Ring 0 Army Knife: r0ak
r0ak is a Windows command-line utility that enables you to easily read, write, and execute kernel-mode code with some limitations from the command prompt, without requiring anything else other than Administrator privileges. Motivation The Windows kernel is a rich environment in which hundreds of...
Microsoft Windows Local Security Feature Bypass Vulnerability
Microsoft Windows 10, Windows Server 2016, and Windows Server Version 1709 are all products of Microsoft Corporation, U.S.A. Microsoft Windows 10 is a cross-platform operating system for PCs and laptops, tablets and devices such as cell phones.Windows Server 2016 and Windows Server Version 1709 a...