Attacking the WebAssembly Compiler of WebKit

Explore the security implications of WebAssembly (WASM) compilers in web browsers through this 27-minute Black Hat conference talk. Dive into the integration of WASM compilers with JavaScript engines and their significance as a potential attack surface. Examine past vulnerabilities, including a remote code execution flaw discovered in pwn2own2021. Learn about recent developments in WebKit's WASM compiler, including new features based on the WASM 2.0 specification such as Exceptions, Tail Call, and SIMD. Gain insights into the importance of re-emphasizing WASM compiler security and understand the potential risks to browser and user safety. Presented by security researchers Zong Cao, Yeqi Fu, Fangming Gu, Bohan Liu, and Zheng Wang, this talk offers valuable knowledge for those interested in web security and browser vulnerabilities.

Attacking the WebAssembly Compiler of WebKit