Research Projects

Windows Downdate: Downgrade Attacks Using Windows Updates

• Presented at:

  • Black Hat USA 2024 - Video

  • DEF CON 32 (2024) - Video

• Featured at:

  • Forbes

  • Fox News

  • The Washington Post

  • WIRED

  • and more

• Vulnerabilities found:

  • CVE-2024-38202 (CVSS 7.3) - Windows Update Stack Elevation of Privilege Vulnerability

  • CVE-2024-21302 (CVSS 6.7) - Windows Secure Kernel Mode Elevation of Privilege Vulnerability

• Windows Downdate Blogpost

• Windows Downdate GitHub Repository

• Nominated for “The Most Epic Achievement” award in 2024’s Pwnie Awards Ceremony

The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools

• Presented at:

  • Black Hat Europe 2023 - Video

  • CanSecWest 2024 - Video

  • CONFidence 2024 - Video

• Featured at:

  • The Hacker News

  • Security Week

  • SC Media

  • and more

• Pool Party Blogpost

• Pool Party GitHub Repository

An Update on Windows Downdate

• Featured at:

  • Forbes

  • Dark Reading

  • The Hacker News

  • BleepingComputer

  • and more

• An Update on Windows Downdate Blogpost