Description: This is a video of the presentation titled "Windows Privilege Escalation through LPC and ALPC Interfaces" given by Thomas Garnier at Recon 2008. <br> <br> Talk Description: <br><br>This presentation addresses reported security issues on both LPC (Local Procedure Call) and ALPC (Advanced Local Procedure Call) interfaces on Microsoft Windows. The first vulnerability is MS08-002 (LSASS local privilege escalation) and the second is MS07-066 (ALPC kernel code execution). This talk presents their discovery, exploitation and discuss how operating system design could be modified in order to block them.<br><br>The LPC interface is an internal communication component in the Windows kernel. This undocumented interface is used in background of known Windows API. Most system components use LPC interface to communicate with lower security level programs. Windows Vista redesigned this interface in a new component called ALPC. The ALPC interface design will be discuss to see its improvement in local communication security. <br><br>A high resolution video is available here. The presentation slides can be downloaded here. A research paper on this topic is here. <br><br><br><br><br></div><div style="text-align: justify;"><br><style type="text/css">body { background: #FFF; } </style> <style type="text/css">body { background: #FFF; } </style> </div>
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.