CVE-2018-8611 – Diving into the Windows Kernel Transaction Manager (KTM) for fun and exploitation

Written by Cedric Halbronn

On Saturday 15th February, I gave a talk titled “How CVE-2018-8611 Can be Exploited to Achieve Privilege Escalation on Windows 10 1809 (RS5) and Earlier”. This research was done by Aaron Adams and myself and was presented by Aaron at POC2019 at the end of last year. The OffensiveCon slides are very similar, except that we added a few new slides based on some questions we had at POC2019.

Stay tuned as we will publish a series of blog posts with even more details soon!

Link to OffensiveCon
Link to slides