Vulnerability Spotlight: Local Code Execution via the Intel HD Graphics Windows Kernel Driver
This vulnerability was discovered by Piotr Bania.
Talos, in coordination with Intel, is disclosing the discovery of TALOS-2016-0087, a local arbitrary code execution vulnerability within the Intel HD Graphics Windows Kernel Driver. This vulnerability exists in the communication functionality of the driver and can be exploited if a specially crafted message is sent to the driver, resulting in a denial of service or arbitrary code execution. Note that exploitation of this vulnerability is only achievable in local contexts. This vulnerability has been responsibly disclosed to Intel in accordance with our Vulnerability Reporting and Disclosure guidelines.