Windows Kernel Exploitation 101: Exploiting CVE-2014-4113

By Sam Brown on 5 April, 2016

This walkthrough guides the reader through writing code to trigger and exploit CVE-2014-4113. It starts from an anti-virus vendor report on the vulnerability's original discovery, when it was found being exploited in the wild, and uses that information to create a fully functioning exploit for Windows 7 Service Pack 1 32-bit. The write-up covers the approach in full, including crash analysis and the challenges encountered along the way, with the aim of making this topic more approachable for researchers investigating kernel exploitation.