Exploring a New Class of Kernel Exploit Primitive

Microsoft Security Response Center receives and examines many interesting bug classes. Often, the exploitability of those bugs is apparent, but this is not always the case. One interesting outlier is an arbitrary kernel pointer read primitive where the attacker cannot retrieve the content of the memory read. Traditionally, these would have an impact of Denial of Service (DoS) or in some cases a second-order Kernel Memory Information Disclosure (where side channels or indirect probing are possible) but could such a …

bug bugs case cases center class code code execution denial of service disclosure dos escalation exploit exploited impact information information disclosure kernel memory microsoft microsoft security order privilege privilege escalation response second-order security service