nt!_SEP_TOKEN_PRIVILEGES – Single Write EoP Protect

Posted in Research on April 18th, 2017 by kyREcon

A short write-up on a tiny update introduced in NT kernel version 10.0.15063 inside nt!SepCreateAccessStateFromSubjectContext that can interfere with your kernel exploits if you abuse _SEP_TOKEN_PRIVILEGES.Enabled through a read-write primitive to gain EoP.

Read more here.

Enjoy,
kyREcon
