Explore the evolution and vulnerabilities of Internet Explorer's silent exploit mitigations in this 47-minute Black Hat conference talk. Delve into the Isolated Heap and MemoryProtection strategies introduced by Microsoft in 2014 to combat use-after-free vulnerabilities. Examine how these mitigations function, their weaknesses, and the techniques attackers employ to bypass them. Learn about using MemoryProtection as an oracle to circumvent ASLR and discover additional recommended defenses to further secure Internet Explorer against emerging attack vectors. Gain valuable insights from security experts Brian Gorenc, Abdul-Aziz Hariri, and Simon Zuckerbraun on the complexities of browser security and exploit mitigation.
Abusing Silent Mitigations - Understanding Weaknesses Within Internet Explorer
Overview
Syllabus
Abusing Silent Mitigations - Understanding Weaknesses Within Internet Explorer
Taught by
Black Hat
Related Courses
-
The Birth of a Complete IE11 Exploit Under New Exploit Mitigations
-
Use After Free Exploitation - Detecting and Exploiting Heap Vulnerabilities
-
Internet Explorer Turns Your Personal Computer into a Public File Server
-
Hey Man, Have You Forgotten to Initialize Your Memory?
-
The Power of Pair - One Template that Reveals 100+ UAF IE Vulnerabilities
