Integrity Protection Driver (IPD) 1.2 and earlier blocks access to \Device\PhysicalMemory by its name, which could allow local privileged processes to overwrite kernel memory by accessing the device through a symlink.
https://exchange.xforce.ibmcloud.com/vulnerabilities/10747
http://www.phrack.org/show.php?p=59&a=16
http://archives.neohapsis.com/archives/ntbugtraq/2002-q4/0087.html