Microsoft (Windows) | writeups.xyz

Title	Vulnerabilities	Programs	Authors
Introducing Aladdin	Insecure Deserialization	Microsoft (Windows)	Lefteris Panos (@Lefterispan)
From CVE-2022-33679 to Unauthenticated Kerberoasting	Kerberos MiTM Local Privilege Escalation Downgrade Attack	Microsoft (Windows)	Trampas Howe (@Trampashowe)
EoP via Arbitrary File Write/Overwite in Group Policy Client “gpsvc” – CVE-2022-37955	Local Privilege Escalation	Microsoft (Windows)	Ap (@Decoder_it)
Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape vulnerability (CVE-2022-44666) (0day).	RCE	Microsoft (Windows)	J00sean (@J00sean)
LPE via StorSvc	Local Privilege Escalation DLL Hijacking	Microsoft (Windows)	Antón Ortigueira (@Antuache) Kurosh Dabbagh (@_Kudaes_)
Dissecting and Exploiting TCP/IP RCE Vulnerability “EvilESP”	Kernel Hacking Windows RCE Memory Corruption Buffer Overflow	Microsoft (Windows)	Valentina Palmiotti (@Chompie1337)
RC4 Is Still Considered Harmful	Kerberos MiTM Local Privilege Escalation Downgrade Attack	Microsoft (Windows)	James Forshaw (@Tiraniddo)
SSD Advisory – VhdmpiValidateVirtualDiskSurface LPE	Local Privilege Escalation	Microsoft (Windows)	Sana Oshika (@Bigshika)
Abusing Arbitrary File Deletes To Escalate Privilege And Other Great Tricks	Local Privilege Escalation	Microsoft (Windows)	Abdelhamid Naceri Simon Zuckerbraun

Page 2 of 2