
TALK: Behind the Kernel: 0days in Drivers and Windows Signed Exposed // Iván Cabrera, Adrián Díaz
In this talk, we reveal how we discovered over 30 exploitable Microsoft-signed Windows drivers, even on fully patched systems. We detail our reversing method and a flaw in the driver signing process that lets attackers create undetectable, validly signed driver variants.