Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Digging for IE11 Sandbox Escapes Part 1

Black Hat via YouTube

Overview

Explore the process of discovering sandbox escapes in Internet Explorer 11 during Microsoft's bug bounty program in this Black Hat conference talk. Delve into the methodology used to uncover four significant vulnerabilities in the IE11 sandbox implementation, some of which have persisted since Vista and IE7. Learn about the Enhanced Protected Mode (EPM) sandbox and its utilization of Windows 8's App Container mechanism. Gain insights into investigating the IE11 sandbox, executing custom code, and analyzing attack surfaces. Examine the provided sample source code for each vulnerability to test and understand the issues firsthand. Note that participation requires Windows 8.1 RTM installation and tools such as Visual Studio 2013 and IDA Pro for analysis and development of sandbox escape examples.

Syllabus

Digging for IE11 Sandbox Escapes Part 1

Taught by

Black Hat

Reviews

Start your review of Digging for IE11 Sandbox Escapes Part 1

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.