Escaping Windows Sandboxes - Tom Keetch - Hack in Paris
Offered By: Hack in Paris via YouTube
Course Description
Overview
Explore the vulnerabilities in Microsoft's "practical sandboxing" techniques used by popular applications like Internet Explorer, Adobe Reader, and Google Chrome. Dive into an evaluation of three consumers of these sandbox mechanisms, examining their similarities, differences, and inherent flaws. Learn about exploit mitigations, integrity levels, and protection modes while understanding the methodology behind identifying weaknesses in these security measures. Gain insights into vendor responses and recent developments in sandbox escape techniques. This updated conference talk, originally presented at Black Hat Europe, offers a comprehensive look at escaping Windows sandboxes and the implications for memory corruption attacks.
Syllabus
Introduction
Exploit Mitigations
Overview
Methodology
Protector Mode
Checklist
Integrity Levels
Protection Mode
Weaknesses
Renderer
Taught by
Hack in Paris
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network