Showing Articles About
code injection
-
Finlay Richardson - 15 Dec 2025
Local Privilege Escalation via Vulnerable USB Co-Installers
We describe a new USB co-installer vulnerability, allowing elevation of privileges on Windows systems. This post describes previous co-installer vulnerabilities, and our research methodology, and why peripherals can be a novel source of vulnerabilities in operating systems.
- 18 Oct 2016
Securing the loading of dynamic code
This article explores the security risks associated with dynamic code loading through reflection in programming languages. It discusses methods to secure reflective code loading, including techniques like hashing, code signing, and file permissions to prevent unauthorized code execution and potential privilege escalation vulnerabilities.