EMET 4.0 PKI Mitigation

Presented at DEF CON 21 (2013), Aug. 4, 2013, noon (45 minutes).

Microsoft EMET is a free Mitigation tool. In addition to its memory corruption exploit mitigations, a newly introduced feature is the PKI mitigation. This mitigation implements x509 certificate pinning to prevent usage of forged certificates in HTTPS sessions in the web browser. This talk is technical as it demos EMET in action and explains how the PKI mitigation works.


Presenters:

Links:

Similar Presentations: