There is a particular kind of flaw that keeps popping up in Microsoft security advisories. It’s a flaw that sits deep within the system with something known as user-mode callbacks.
Targei Mandt, a researcher with security firm Norman is discussing the flaw in detail at the Black Hat conference this week in Las Vegas. In an interview with InternetNews.com Mandt noted that the win32k.sys graphics component element is at the root of the flaw.
The types of vulnerabilities that these bugs lead to can be almost anything,” Mandt said. “In the bugs that I’ve found, it’s mostly Null pointer dereferences but it’s not limited to that.”