The Windows Sandbox Paradox

Presented at ShmooCon XI (2015), Jan. 17, 2015, 5 p.m. (60 minutes).

More user applications are relying on sandboxes to limit the damage a Remote Code Execution vulnerability can inflict. It started with web browsers, such as Internet Explorer's Protected Mode, and now covers many different applications. Unfortunately, the Windows operating system isn't well matched to providing secure sandboxing. Through a combination of missing features, poor documentation and unexpected behaviour, writing a secure sandbox on Windows seems an impossible task. Even built-in technologies such as Windows 8 AppContainers have unusual behaviour which can even catch out Microsoft.

This presentation details some of the ways Windows actively hamstrings sandbox development. It also includes some interesting bugs in sandboxed applications such as Chrome, IE and Adobe Reader which directly result from these problems with the OS. Attendees should get a better understanding of some of the issues with Windows sandboxes so that they might be able to better audit and develop them in the future.


Presenters:

  • James Forshaw
    James is a security researcher in Google's Project Zero. He has been involved with computer hardware and software security for over 10 years, looking at a range of different platforms and applications. With a great interest in logical vulnerabilities, he has numerous disclosures in a wide range of products, from web browsers to virtual machine breakouts, as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. He has spoken at a number of security conferences including Black Hat USA, CanSecWest, Bluehat, HITB, and Infiltrate.
