Inside Win32k Exploitation: Background on Implementations of Win32k and Exploitation Methodologies
Tags
attack-pattern: Data Direct Exploits - T1587.004 Exploits - T1588.005 Hooking - T1617 Kernelcallbacktable - T1574.013 Server - T1583.004 Server - T1584.004 Social Media - T1593.001 Trap - T1546.005 Vulnerabilities - T1588.006 Graphical User Interface - T1061 Hooking - T1179 Trap - T1154 Graphical User Interface Hooking
Show in Graph
Common Information
Type Value
UUID 3ec80054-e781-43cd-ad83-f190337b314f
Fingerprint d6580c5baabf27cd
Analysis status DONE
Considered CTI value 2
Text language
Published June 13, 2023, 1 p.m.
Added to db June 13, 2023, 3:30 p.m.
Last updated Nov. 17, 2024, 5:58 p.m.
Headline Inside Win32k Exploitation: Background on Implementations of Win32k and Exploitation Methodologies
Title Inside Win32k Exploitation: Background on Implementations of Win32k and Exploitation Methodologies
Detected Hints/Tags/Attributes 62/1/8
Source URLs
Redirection Url
Details Source https://unit42.paloaltonetworks.com/win32k-analysis-part-1/
URL Provider
Details Provider Source level domain
Details paloaltonetworks.com unit42.paloaltonetworks.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 256 Unit 42 https://unit42.paloaltonetworks.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 19 
cve-2022-21882
Details CVE 45 
cve-2021-1732
Details CVE 1 
cve-2022-1732
Details File 115 
win32k.sys
Details File 12 
win32kbase.sys
Details File 15 
win32kfull.sys
Details File 165 
csrss.exe
Details File 291 
user32.dll