Analysis of the Attack Surface of Windows 10 Virtualization-Based Security

Analysis of the Attack Surface of Windows 10 Virtualization-Based Security

Black Hat via YouTube Direct link

Kernel HVCI bypass, MS16-066

7 of 14

7 of 14

Kernel HVCI bypass, MS16-066

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Analysis of the Attack Surface of Windows 10 Virtualization-Based Security

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 VBS architecture
  3. 3 Credential Guard architecture
  4. 4 CG RPC interface
  5. 5 CG scenario 2
  6. 6 VBS-enforced code integrity
  7. 7 Kernel HVCI bypass, MS16-066
  8. 8 Necessary support
  9. 9 Root partition privileges
  10. 10 Problem 1-unfiltered MMCFG • MMCFG is a region of physical address space, access
  11. 11 Overlap VTd bars
  12. 12 S4 sleep
  13. 13 SMM abuse example
  14. 14 Questions?

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.