This Black Hat conference talk explores the Windows printer rendering architecture and identifies critical security vulnerabilities. Learn how researchers ZeSen Ye and Zhiniang Peng discovered Local Privilege Escalation (LPE) and Remote Code Execution (RCE) vulnerabilities in Windows printer drivers. Gain valuable insights into analyzing complex parsing components within the Windows Spooler system, along with practical tips for identifying similar security flaws. The 36-minute presentation provides a comprehensive examination of printer driver attack surfaces that security professionals and researchers can leverage to improve system defenses.
Diving into Spooler: Discovering LPE and RCE Vulnerabilities in Windows Printer Driver
Overview
Syllabus
Diving into Spooler: Discovering LPE and RCE Vulnerabilities in Windows Printer Driver
Taught by
Black Hat
Related Courses
-
Diving Into Spooler - Discovering LPE and RCE Vulnerabilities in Windows Printer
-
Enhancing Automatic Vulnerability Discovery for Windows RPC/COM in New Ways
-
OVPNX - Four Zero-Day Vulnerabilities Leading to Remote Code Execution in OpenVPN Endpoints
-
The Overlooked Attack Surface: Diving into Windows Client Components for RCE Vulnerabilities
-
Attacking Windows Device Drivers: Almost Escaping the Sandbox
-
Abusing Windows Filtering Platform for Privilege Escalation - Undetected Attack Techniques
