Function Overrides - From a Security Mitigation to a Full-Fledged Performance Feature
Offered By: Recon Conference via YouTube
Course Description
Overview
Explore the evolution of Function Overrides, a groundbreaking technology developed by Microsoft for Windows 11 SV2 (22H2), in this 58-minute conference talk from Recon 2022. Delve into the origins of this feature as a security mitigation for memory safety bugs and its transformation into a comprehensive performance enhancement for the entire Windows Kernel. Gain insights into Microsoft's approach to balancing security and performance, with a focus on addressing issues related to Control Flow Guard (CFG). Learn about the internal implementation of Function Overrides in the NT and Secure Kernel, challenges encountered during development, and its impact on OS performance. Discover how Visual C++ and ASM compilers were modified to support this technology and how developers can leverage it for creating high-performance, secure applications. Conclude with a demonstration of Function Overrides in action on the latest Windows 11 system.
Syllabus
Recon 2022 - Function overrides from a security mitigation to a full fledge performance Feature in
Taught by
Recon Conference
Related Courses
Harnessing Intel Processor Trace on Windows for FuzzRecon Conference via YouTube Reverse Engineering Satellite Based IP Content Distribution
Recon Conference via YouTube Reverse Engineering Windows Defender's JavaScript Engine
Recon Conference via YouTube DIY ARM Debugger for Wi-Fi Chips
Recon Conference via YouTube Subverting Your Server Through Its BMC - The HPE iLO4 Case
Recon Conference via YouTube