12‑Byte Syscall in Browser Sandbox Grants SYSTEM on Windows (CVE‑2026‑40369 PoC)

The article details CVE‑2026‑40369, a Windows kernel flaw in ExpGetProcessInformation where a zero‑length buffer bypasses ProbeForWrite, allowing a browser sandbox process to write arbitrary kernel memory with a 12‑byte syscall, leading to a deterministic, fully‑reliable privilege‑escalation chain that grants SYSTEM without race conditions, and discusses detection and mitigation.

CVE-2026-40369NtQuerySystemInformationWindows kernel

0 likes · 11 min read

12‑Byte Syscall in Browser Sandbox Grants SYSTEM on Windows (CVE‑2026‑40369 PoC)

Black & White Path

May 23, 2026 · Information Security

kn-live-dbg: A Debugger‑Like Windows Kernel Live Debugging Tool

kn-live-dbg is a lightweight, debugger‑styled Windows kernel memory browser that uses a kernel driver and a user‑mode TUI to read/write virtual and physical memory, enumerate callbacks, parse symbols, and even provide AI‑assisted command planning, offering a faster alternative to WinDbg for specific security research tasks.

AI assistantDbgHelpWindows kernel

0 likes · 12 min read

kn-live-dbg: A Debugger‑Like Windows Kernel Live Debugging Tool

Black & White Path

May 18, 2026 · Information Security

Windows Kernel LPE (CVE‑2026‑40369) PoC: Privilege Escalation from Chrome Sandbox

CVE‑2026‑40369 is an arbitrary kernel‑address write bug in ntoskrnl.exe that lets a low‑privilege attacker invoke NtQuerySystemInformation from the Chrome sandbox to gain SYSTEM rights on vulnerable Windows 11 and Server 2025 builds, with a fully functional PoC released on GitHub.

CVE-2026-40369Chrome sandboxLocal Privilege Escalation

0 likes · 10 min read

Windows Kernel LPE (CVE‑2026‑40369) PoC: Privilege Escalation from Chrome Sandbox

Black & White Path

Apr 6, 2026 · Information Security

How a 2026 Windows Kernel Bug in afd.sys Escapes the Sandbox and Takes Over the System

The article dissects CVE‑2026‑21236 in the legacy afd.sys driver, showing how an integer‑overflow in AfdBind lets attackers obtain a raw device handle, bypass KASLR, manipulate kernel structures like EPROCESS and KTHREAD, and silently elevate a process to SYSTEM privileges.

CVE-2026-21236KASLR bypassVBS

0 likes · 6 min read

How a 2026 Windows Kernel Bug in afd.sys Escapes the Sandbox and Takes Over the System

IT Services Circle

Oct 11, 2025 · Information Security

How Microsoft Is Turning Windows and Azure Safer with Rust

Microsoft is rapidly rewriting critical Windows kernel components, Azure services, Office data systems, cryptographic libraries, and driver frameworks in Rust to improve memory safety, reduce bugs, and enable safer code execution across its entire infrastructure.

AzureMicrosoftRust

0 likes · 10 min read

How Microsoft Is Turning Windows and Azure Safer with Rust

21CTO

Apr 28, 2023 · Information Security

Why Microsoft Is Rewriting the Windows Kernel in Rust – A Security Game‑Changer

Microsoft is integrating Rust into the Windows kernel to replace legacy C++ code, aiming to eliminate whole classes of memory‑safety bugs, boost performance, and set a new standard for secure system‑level development.

MicrosoftRustSystem Programming

0 likes · 8 min read

Why Microsoft Is Rewriting the Windows Kernel in Rust – A Security Game‑Changer