About

Blake Watts is a windows internals expert with emphasis on reverse engineering, virtualization, computer security and software development. He has been published in numerous vulnerability advisories, books, and papers on Windows security.

Misc. published research

[April 2002] - Discovering and Exploiting Named Pipe Security Flaws for Fun and Profit
This paper addresses a number of named pipe related issues affecting all versions of Windows NT based operating system. The paper was written pre-release of Windows 2000 SP4. Therefore, consider this an advisory up to this point. It is my understanding that Windows NT and Windows XP are still affected by the issues.

Misc public Advisories

This section contains a misc set of advisories that have been made public that I was involved with.

Windows Media Player WMDM Privilege Escalation Vulnerability

Denial of Service Vulnerability in Windows 2000 RunAs Service - RADIX1112200103

Microsoft Windows 2000 RunAs User Credentials Exposure Vulnerability - RADIX1112200102

Microsoft Windows 2000 RunAs Service Named Pipe Hijacking Vulnerability - RADIX1112200101

Event Viewer Buffer Overflow

Telnet Service Privilege Escalation

Service Control Manager Named Pipe Privilege Escalation