Hardening Hyper-V through Offensive Security Research

Presented at Black Hat USA 2018, Aug. 9, 2018, 3:50 p.m. (50 minutes).

Virtualization technology is fast becoming the backbone of the security strategy for modern computing platforms. Hyper-V, Microsoft's virtualization stack, is no exception and is therefore held to a high security standard, as is demonstrated by its $250,000 public bug bounty program.

As one might expect, Microsoft's own engineers are continually looking for vulnerabilities in the code that makes up their products. Perhaps more unexpectedly, Microsoft also develops exploits for these products in an effort to gain a better understanding of the techniques involved and mitigate them before they can be used against customers. In this talk, we will relate how Microsoft's Offensive Security Research (OSR) team did just that with Hyper-V by discovering CVE-2017-0075, developing relevant and novel exploitation techniques to exploit it, and finally contributing learnings to Hyper-V hardening efforts. The presentation will detail every step of this process in great detail, culminating in a live Hyper-Pwning demonstration.


Presenters:

  • Jordan Rabet - Senior Security Software Engineer, Microsoft
    Jordan Rabet is a researcher on Microsoft WDG's Offensive Security Research (OSR) team. Since joining in 2016, he's done work which has contributed to the security of Windows, Edge, Windows Phone, Xbox, Hyper-V, Windows Defender Advanced Threat Protection and Application Guard. Also Chrome.

Links:

Similar Presentations: