Completed
Retrospective: Windows Heap
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Exploit Mitigation Improvements in Windows 8
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Windows 8 Security Overview
- 3 Framing the problem with exploit economics
- 4 History of exploit mitigations on Windows
- 5 The state of memory safety exploits
- 6 Objectives & focus areas in Windows 8
- 7 Range Checks Compiler-inserted array bounds check (via /GS)
- 8 Sealed optimization • Optimization for sealed C++ types & methods
- 9 Virtual Table Guard
- 10 Retrospective: ASLR
- 11 Force ASLR
- 12 Bottom-up & top-down randomization
- 13 ASLR entropy improvements
- 14 Removal of information disclosure vectors • Information disclosures can be used to bypass ASLR
- 15 Retrospective: Windows Heap
- 16 Windows 8 heap architecture The general design of the Windows heap is unchanged in Windows 8
- 17 LFH design changes & integrity checks
- 18 Guard pages
- 19 Allocation order randomization
- 20 Retrospective: Windows Kernel
- 21 Kernel ASLR improvements
- 22 Support for SMEP/PXN
- 23 NULL dereference protection
- 24 Kernel pool integrity checks
- 25 Other improvements
- 26 ARM default settings All applicable mitigations are enabled on ARM
- 27 Application default settings Il applicable mitigations are enabled for Windows Metro style app
- 28 Enabling opt-in mitigations
- 29 Expectations for exploits on Windows 8
- 30 Call to action