Zero Day Initiative - Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 1

Zero Day Initiative - Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 1

Briefly

The number of link following vulnerabilities submitted to the ZDI program has been increasing rapidly over the past several years, requiring programmatically exploiting a race condition.

Zero Day Initiativehttps://www.thezdi.com/blog/2024/7/29/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-1

A link following vulnerability occurs when an application accesses a file by filename without preventing it from resolving to an unintended resource, potentially leading to exploitation through user-created links in Windows.

Zero Day Initiativehttps://www.thezdi.com/blog/2024/7/29/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-1