Excellent information guys. I also found a whitepaper published eEye, Remote Windows Kernel Exploitation , that I found to be very useful too. Worth checking out.