CVE-2026-20811: Win32k Type Confusion in Cloud-Deployed Feature Flag

CVE-2026-20811 is a type confusion in win32kfull.sys (KB5074109, CVSS 7.8). The bug is in the async window action processing path introduced by a feature flag rollout (Feature_ApplyWindowActionConv...

Mar 29, 2026 Vulnerability Research, Windows Internals

Reversing BEDaisy.sys: Static Analysis of BattlEye's Kernel Anti-Cheat Driver

In the first post I covered how kernel anti-cheat systems work at an architectural level: the callbacks they register, the memory scanning they perform, the detection techniques they use. All of th...

Mar 6, 2026 Anti-Cheat, Reverse Engineering

How Kernel Anti-Cheats Work: A Deep Dive into Modern Game Protection

Modern kernel anti-cheat systems are, without exaggeration, among the most sophisticated pieces of software running on consumer Windows machines. They operate at the highest privilege level availab...

Feb 23, 2026 Anti-Cheat, Windows Internals

CVE-2026-20811: Win32k Type Confusion in Cloud-Deployed Feature Flag

Reversing BEDaisy.sys: Static Analysis of BattlEye's Kernel Anti-Cheat Driver

How Kernel Anti-Cheats Work: A Deep Dive into Modern Game Protection

Trending Tags