Agenda
• Brief look at Kernel Exploitation history
• Arbitrary Kernel Read/Write Primitive
• KASLR information leak
• De-randomizing Page Table Entries
• Dynamic Function Location
• Executable Kernel Memory Allocation
• Note on Win32k Syscall Filtering