I Am Groot: Examining the Guardians of Windows 10 Security

Presented at DEF CON China Beta (2018), May 13, 2018, 12:30 p.m. (20 minutes)

As one of the main targets of 3 Pwn2Own competitions, Microsoft Windows 10, along with Microsoft Edge, has proven more and more difficult to exploit. Windows 10 has now been out for more than 2 years, and Microsoft has been constantly updating the security mitigations integrated with the operating system. After 5 major releases, multiple levels of protection have been added to prevent a programming error from turning into a full system compromise. You may have heard many of them marketed as "Guards" under the Windows Defender brand. But how do they actually work? As Pwn2Own participants (and winners), we closely watched Windows 10 security evolve over the years. In this talk, you will get a behind-the-scenes view of Windows 10 security mitigation implementations, how they helped make attackers' lives harder, and how the attackers overcame them.

Presenters:

  • Chuanda Ding - Tencent Security Xuanwu Lab
    Chuanda Ding is a senior security researcher at Tencent Security Xuanwu Lab, conducting research on Windows security. He spoke at CanSecWest 2016, QCon Beijing 2016 and CanSecWest 2017.
