First and foremost, I would like to give credit to Rob Fuller, aka Mubix, for the tip on this awesome exploit; Be sure to check out his security blog, Room362. And of course @Ponez for for creating the Sysret vulnerability port for Windows. The Sysret exploit is made possible due to a subtle difference in the way in which Intel processors implement error handling in their version of AMD’s SYSRET instruction. The SYSRET instruction is part of the x86-64 standard defined by AMD. If an operating system is written according to AMD’s spec, but run on Intel hardware, the difference in implementation can be exploited by an attacker to write to arbitrary