Find which process is using the microphone, from a kernel-mode driver

Background A while ago I was at Alex Ionescu's house and we were discussing random Windows internals stuff. I learned that we both discovered cool things in the Windows Notification Framework (WNF). Alex and Gabrielle Viala presented their research on the topic at Black Hat USA 2018 (BHUSA2018) [1]. It is fairly comprehensive and will… Continue reading Find which process is using the microphone, from a kernel-mode driver