THREATOPS
THREAT OPSThreat News › A Deep Dive into the GetProcessHandleFromHwnd API

A Deep Dive into the GetProcessHandleFromHwnd API

lowproject_zeroPublished 2026-02-26

<p>In my previous blog post I mentioned the <a href="https://learn.microsoft.com/en-us/windows/win32/winauto/getprocesshandlefromhwnd"><code class="language-plaintext highlighter-rouge">GetProcessHandleFromHwnd</code></a> API. This was an API I didn’t know existed until I found a publicly disclosed <a href="https://github.com/R41N3RZUF477/QuickAssist_UAC_Bypass">UAC bypass</a> using the Quick Assi

Attributed threat actors

Indicators of compromise

Original source: https://projectzero.google/2026/02/gphfh-deep-dive.html