Blog Security Research Can't Wait to Shut You Down — Remote DoS Using Wininit.exe Stiv Kupchik is a Security Researcher Team Lead at Akamai. His research projects revolve around OS internals, vulnerability research, and malware analysis. He has presented his research at conferences such as Black Hat, Hexacon, and 44CON. In addition to being a cybersecurity professional, Stiv also has a BSc in physics. Editorial and additional contributions by Tricia Howard \r\n Executive summary \r\n \r\n Akamai researcher Stiv Kupchik found a new denial-of-service (DoS) vulnerability in Microsoft’s Wininit.exe, CVE-2022-44707 , with a CVSS score of 6.5. \r\n \r\n The vulnerability was responsibly disclosed to MSRC in August, and was patched as part of December’s Patch Tuesday 2022 . \r\n \r\n The vulnerability abuses the RPC caching mechanism , on which we have done extensive research. We provide a proof of concept of the attack in our RPC toolkit .…