YoVDO

Function Overrides - From a Security Mitigation to a Full-Fledged Performance Feature

Offered By: Recon Conference via YouTube

Tags

REcon Conference Courses Memory Safety Courses Windows Kernel Courses

Course Description

Overview

Explore the evolution of Function Overrides, a groundbreaking technology developed by Microsoft for Windows 11 SV2 (22H2), in this 58-minute conference talk from Recon 2022. Delve into the origins of this feature as a security mitigation for memory safety bugs and its transformation into a comprehensive performance enhancement for the entire Windows Kernel. Gain insights into Microsoft's approach to balancing security and performance, with a focus on addressing issues related to Control Flow Guard (CFG). Learn about the internal implementation of Function Overrides in the NT and Secure Kernel, challenges encountered during development, and its impact on OS performance. Discover how Visual C++ and ASM compilers were modified to support this technology and how developers can leverage it for creating high-performance, secure applications. Conclude with a demonstration of Function Overrides in action on the latest Windows 11 system.

Syllabus

Recon 2022 - Function overrides from a security mitigation to a full fledge performance Feature in


Taught by

Recon Conference

Related Courses

Harnessing Intel Processor Trace on Windows for Fuzz
Recon Conference via YouTube
Reverse Engineering Satellite Based IP Content Distribution
Recon Conference via YouTube
Reverse Engineering Windows Defender's JavaScript Engine
Recon Conference via YouTube
DIY ARM Debugger for Wi-Fi Chips
Recon Conference via YouTube
Subverting Your Server Through Its BMC - The HPE iLO4 Case
Recon Conference via YouTube