The Windows Sandbox Paradox

Presented at ShmooCon XI (2015), Unknown date/time (Unknown duration)

More user applications are relying on sandboxes to limit the damage a Remote Code Execution vulnerability can inflict. It started with Web Browsers such as with Internet Explorer's Protected Mode and now covers many different applications. Unfortunately the Windows operating system isn't well matched to providing secure sandboxing. Through a combination of missing features, poor documentation and unexpected behaviour writing a secure sandbox on Windows seems an impossible task. Even built-in technologies such as Windows 8 AppContainer's have unusual behaviour which can even catch out Microsoft.

This presentation details some of the ways Windows actively hamstrings sandbox development. It also includes some interesting bugs in sandboxed applications such as Chrome, IE and Adobe Reader which directly result from these problems with OS. Attendees should get a better understanding of some of the issues with Windows sandboxes so that they might be able to better audit and develop them in the future.

Presenters:

• James Forshaw
  James is a security researcher in Google's Project Zero. He has been involved with computer hardware and software security for over 10 years looking at a range of different platforms and applications. With a great interest in logical vulnerabilities he has numerous disclosures in a wide range of products from web browsers to virtual machine breakouts as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. He has spoken at a number of security conferences including Black Hat USA, CanSecWest, Bluehat, HITB, and Infiltrate.

Similar Presentations:

• Black Hat USA 2014 / Digging for IE11 Sandbox Escapes
• DEF CON 24 (2016) / Escaping The Sandbox By Not Breaking It
• Black Hat USA 2012 / Windows Phone 7 Internals and Exploitability