Thomas Garnier

Thomas Garnier mxatone


Niner since 2014

Thomas Garnier is a Senior Security Engineer in the Trustworthy Computing Group at Microsoft. He is an enthusiast vulnerability researcher focused on network security and Windows. Before joining Microsoft, he reported multiple MSRC cases mainly in the win32k driver. After joining, he worked on building mitigations and identifying design vulnerabilities. He is the co-author of Sysinternals Sysmon with Mark Russinovich.

Sysinternals Sysmon:

Microsoft mitigation bounty:

Uninformed article on win32k privilege escalation: