Bypassing VirtualBox Process Hardening on Windows

Posted by James Forshaw, Project Zero Processes on Windows are securable objects, which prevents one user logged into a Windows machine from compromising another user’s processes. This is a pretty important security feature, at least from the perspective of a non-administrator user. The security...

NVIDIA Driver - NvStreamKms Stack Buffer Overflow in PsSetCreateProcessNotifyRoutineEx Callback Priv

Exploit for windows platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=918 The NvStreamKms.sys driver calls PsSetCreateProcessNotifyRoutineEx to set up a process creation notification routine. In this particular routine, if cur-imagenamescount 0 ...

NVIDIA Driver - NvStreamKms PsSetCreateProcessNotifyRoutineEx Local Stack Buffer Overflow Callback Local Privilege Escalation

NVIDIA Driver - NvStreamKms PsSetCreateProcessNotifyRoutineEx Local Stack Buffer Overflow Callback Local Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=918 The NvStreamKms.sys driver calls PsSetCreateProcessNotifyRoutineEx to set up a process creation...

NVIDIA Driver - NvStreamKms 'PsSetCreateProcessNotifyRoutineEx Local Stack Buffer Overflow Callback / Local Privilege Escalation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=918 The NvStreamKms.sys driver calls PsSetCreateProcessNotifyRoutineEx to set up a process creation notification routine. In this particular routine, if cur-imagenamescount 0 // info is the PPSCREATENOTIFYINFO that is passed to the...