Explore a detailed breakdown of two zero-day vulnerabilities used to exploit 64-bit Internet Explorer at the Pwn2Own contest. Delve into the challenges of bypassing Address Space Layout Randomization (ASLR), Control Flow Guard (CFG), and Enhanced Protected Mode (EPM) on Windows 8.1. Learn about innovative techniques for achieving remote code execution and privilege escalation in a 64-bit environment. Examine the intricacies of exploiting an uninitialized memory bug and a time-of-check to time-of-use (TOCTOU) vulnerability. Gain insights into advanced exploit mitigation bypass methods for 64-bit IE, equipping yourself with knowledge to better understand and defend against sophisticated browser exploits.
Hey Man, Have You Forgotten to Initialize Your Memory?
Overview
Syllabus
Hey Man, Have You Forgotten To Intialize Your Memory?
Taught by
Black Hat
Related Courses
-
Exploiting 64 Bit IE on Windows 8.1 - The Pwn2Own Case Study
-
Cross the Wall - Bypass All Modern Mitigations of Microsoft Edge
-
Deep Analysis of Exploitable Linux Kernel Vulnerabilities 2017-2019
-
Abusing Silent Mitigations - Understanding Weaknesses Within Internet Explorer
-
Just-In-Time Code Reuse - The More Things Change, the More They Stay the Same
-
Exploit Mitigation Improvements in Windows 8
