Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore a cybersecurity researcher's week-long investigation that uncovered seven critical vulnerabilities across multiple prominent software vendors in this 40-minute DEF CON 33 conference talk. Learn how a routine driver update led to the discovery of arbitrary code execution vulnerabilities exploitable directly from web browsers, revealing a dangerous pattern of privileged Windows services managing software with inadequate security controls. Follow the complete vulnerability research methodology from initial attack surface discovery through reverse engineering to successful exploitation of local privilege escalation and remote code execution flaws. Gain insights into the systematic security weaknesses present in vendor bloatware and driver management tools that create significant attack vectors on Windows systems. Understand the technical details behind CVE discoveries that demonstrate how common software patterns can lead to serious security compromises, and discover why these vulnerabilities represent fundamental security design failures that should be addressed in modern software development practices.
