THREAT OPS › Threat News › Escalating a Windows driver registry bug to a kernel write primitive
Escalating a Windows driver registry bug to a kernel write primitive
<p>We recently added a <a href="https://appsec.guide/docs/languages/c-cpp/">C/C++ security checklist</a> to the Testing Handbook and <a href="https://blog.trailofbits.com/2026/04/09/master-c-and-c-with-our-new-testing-handbook-chapter/">challenged readers to spot the bugs in two code samples</a>: a deceptively simple Linux ping program and a Windows driver registry handler. If you found the <code>
MITRE ATT&CK techniques
Indicators of compromise
- https://appsec.guide/docs/languages/c-cpp/url
- https://man7.org/linux/man-pages/man3/inet.3.htmlurl
- https://sourceware.org/bugzilla/show_bug.cgi?id=20018url
- https://www.powershellgallery.com/packages/NtObjectManager/url
- https://www.trailofbits.com/contact/url
- 1.2.3.4ipv4
- 127.0.0.0/8cidr