The 2012 Pwnie Winner For Best Privilege Escalation Bug

MS11-098: Windows Kernel Exception Handler Vulnerability (CVE-2011-2018)

Credit: Mateusz “j00ru” Jurczyk

j00ru owned Windows. All of them. Ok, well just all of the 32-bit versions of Windows from NT through the Windows 8 Developer Preview. What have you done lately? And to top it off, he wrote a clear paper on it with some of the nicest boxy diagrams we have ever seen in a LaTeX paper.