Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Exploit Mitigation Improvements in Windows 8

Black Hat via YouTube

Overview

Explore the latest exploit mitigation improvements in Windows 8 through this comprehensive Black Hat USA 2012 conference talk. Delve into Microsoft's decade-long journey of enhancing Windows platform security, focusing on features like Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR), and Visual C++'s code generation security. Discover the substantial advancements made in Windows 8 to disrupt known exploitation techniques and prevent entire vulnerability classes from being exploited. Gain insights into the technical details of these improvements and their expected impact on system security. Learn about future directions in exploit mitigation research being explored by Microsoft. Examine topics such as range checks, sealed optimization, virtual table guard, ASLR enhancements, Windows heap architecture changes, kernel security improvements, and default settings for ARM and Windows Metro style applications.

Syllabus

Intro
Windows 8 Security Overview
Framing the problem with exploit economics
History of exploit mitigations on Windows
The state of memory safety exploits
Objectives & focus areas in Windows 8
Range Checks Compiler-inserted array bounds check (via /GS)
Sealed optimization • Optimization for sealed C++ types & methods
Virtual Table Guard
Retrospective: ASLR
Force ASLR
Bottom-up & top-down randomization
ASLR entropy improvements
Removal of information disclosure vectors • Information disclosures can be used to bypass ASLR
Retrospective: Windows Heap
Windows 8 heap architecture The general design of the Windows heap is unchanged in Windows 8
LFH design changes & integrity checks
Guard pages
Allocation order randomization
Retrospective: Windows Kernel
Kernel ASLR improvements
Support for SMEP/PXN
NULL dereference protection
Kernel pool integrity checks
Other improvements
ARM default settings All applicable mitigations are enabled on ARM
Application default settings Il applicable mitigations are enabled for Windows Metro style app
Enabling opt-in mitigations
Expectations for exploits on Windows 8
Call to action

Taught by

Black Hat

Reviews

Start your review of Exploit Mitigation Improvements in Windows 8

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.