Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.

More Info on Driver Writing and Debugging

The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.

Check out The OSR Learning Library at:

Jan 2021 UPDATE: Serious Bug in ExAllocatePoolZero in WDK 2004

Peter_Viscarola_(OSR)Peter_Viscarola_(OSR) Administrator Posts: 8,253
edited January 7 in NTDEV

(see the following posts in this thread for updates)

We have discovered an issue with the new ExAllocatePoolZero function that appears in the WDK for Windows 2004. The bug also affects ExAllocatePoolQuotaZero, and ExAllocatePoolPriorityZero.

In short, using these functions will result in security vulnerabilities and crashes in drivers running on Windows 1909 (only... drivers running on earlier or later versions of Windows will not experience this issue).

Microsoft is aware of the issue.

For a complete description of the issue, as well as suggested actions and work-around, see our Developers Blog post.

We cannot emphasize strongly enough: Do not use these functions until you understand this bug.


Peter Viscarola

Post edited by Peter_Viscarola_(OSR) on


  • Peter_Viscarola_(OSR)Peter_Viscarola_(OSR) Administrator Posts: 8,253
    edited January 7

    Good news!

    Microsoft has issued a "security refresh" of the Windows 2004 WDK and EWDK that contains mitigations for these vulnerabilities. You should update your WDK/EWDK installation to the new version ASAP.

    In addition, we have discovered that an update has been released for Windows 1909 that mitigates the original issue.

    See our developer's blog post for more information.

    If you have any questions or comments... start a thread.

    Peter Viscarola

This discussion has been closed.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Upcoming OSR Seminars
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!
Writing WDF Drivers 7 Dec 2020 LIVE ONLINE
Internals & Software Drivers 25 Jan 2021 LIVE ONLINE
Developing Minifilters 8 March 2021 LIVE ONLINE