Security Research Over the Windows (kernel)

Presented at DEF CON China Beta (2018), May 12, 2018, 3 p.m. (60 minutes).

Past several years Microsoft Windows undergo lot of fundamental security changes. Where one can argue still imperfect and bound to tons of legacy issues, on the other hand those changes made important shifts in attacker perspective. From tightened sandboxing, restricting attack surface, introducing mitigations, applying virtualization up to stronger focus even on win32k. In our talk we will go trough those changes, how it affects us and how we tackle them from choosing targets, finding bugs up to exploitation primitives we are using. While also empathize that windows research is not only about sandbox, and there are many more interesting target to look for.


Presenters:

  • Peter Hlavaty - Senior Security Researcher at Keenlabs Tencent
    Peter ( @zer0mem ) is Senior Security Researcher at KeenLab, Tencent. Focusing mainly on sandbox escapes on windows platform, virtualization, and mitigation bypasses. Pwn2Own 2016..2017 winner, frequent speaker at software security conferences like recon, bluehat, zeronights, syscan, and others.

Links:

Similar Presentations: