Showing Articles About
memory corruption
- 15 Aug 2014
Windows 8 Kernel Memory Protections Bypass
A technique for bypassing Windows 8 kernel memory protections like SMEP and DEP is demonstrated by manipulating paging structures. The method allows modification of memory page flags to enable user-mode code execution in kernel-mode. By targeting isolated paging structures, an attacker can corrupt page table entries to circumvent kernel memory safeguards on 64-bit Windows systems.