Blake Watts is a windows internals expert with emphasis on reverse engineering, virtualization, computer security and software development. He has been published in numerous vulnerability advisories, books, and papers on Windows security.
Misc. published research
[April 2002] - Discovering and Exploiting Named Pipe Security Flaws for Fun and Profit
This paper addresses a number of named pipe related issues affecting all versions of Windows NT based operating system. The paper was written pre-release of Windows 2000 SP4. Therefore, consider this an advisory up to this point. It is my understanding that Windows NT and Windows XP are still affected by the issues.
Misc public Advisories
This section contains a misc set of advisories that have been made public that I was involved with.
Windows Media Player WMDM Privilege Escalation Vulnerability
Denial of Service Vulnerability in Windows 2000 RunAs Service - RADIX1112200103
Microsoft Windows 2000 RunAs User Credentials Exposure Vulnerability - RADIX1112200102
Microsoft Windows 2000 RunAs Service Named Pipe Hijacking Vulnerability - RADIX1112200101
Event Viewer Buffer Overflow
Telnet Service Privilege Escalation
Service Control Manager Named Pipe Privilege Escalation
Copyright (c) 2002 Watts Research