{"version":"1.0","provider_name":"HITBSecConf2023 - Amsterdam","provider_url":"https:\/\/conference.hitb.org\/hitbsecconf2023ams","title":"The Lost World of DirectComposition: Hunting Windows Desktop Window Manager Bugs - HITBSecConf2023 - Amsterdam","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"Np727JjAcr\"><a href=\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/hunting-windows-desktop-window-manager-bugs\/\">The Lost World of DirectComposition: Hunting Windows Desktop Window Manager Bugs<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/hunting-windows-desktop-window-manager-bugs\/embed\/#?secret=Np727JjAcr\" width=\"600\" height=\"338\" title=\"&#8220;The Lost World of DirectComposition: Hunting Windows Desktop Window Manager Bugs&#8221; &#8212; HITBSecConf2023 - Amsterdam\" data-secret=\"Np727JjAcr\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script>\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n<\/script>\n","description":"PRESENTATION SLIDES (PDF) In the past few years, Windows win32k privilege escalation vulnerabilities have emerged in an endless stream. Researchers discovered new attack surfaces such as win32k Callback, DirectX, DirectComposition, etc. Even so, it&#8217;s still difficult to discover new vulnerabilities inside win32k attack surface. Are there still other attack surfaces inside the windows graphics component? [&hellip;]"}