Lessons Learned from Eight Years of Breaking Hypervisors

Explore a comprehensive analysis of hypervisor vulnerabilities in this 55-minute Black Hat conference talk. Delve into the lessons learned from building and breaking various common hypervisors over eight years. Examine detailed case studies of vulnerabilities that have led to breakouts, including four previously undisclosed issues. Compare the attack surface of hypervisors with user mode applications and operating system kernels, highlighting how design choices impact security. Discover why many hypervisors aren't inherently designed with security in mind, and learn how superfluous code and poor design can lead to exploitable weaknesses. Gain valuable insights into hypervisor security, including recommendations for improved design and hardening techniques to enhance overall system protection.

Lessons Learned from Eight Years of Breaking Hypervisors