-
- Current Site
Security Training- Choose a different site Help
Security Certification
Internet Storm Center
College Cybersecurity Programs
Security Awareness Training
Blue Team Operations
Forensics & Incident Response
Offensive Operations
Industrial Control Systems
Cloud Security
Cybersecurity Leadership
Government Private Training
Bonus Session Registration
Keeping One Step Ahead: Bypassing Modern Windows Exploit Mitigations
- Stephen Sims, SANS Senior Instructor
- Tuesday, March 17th, 7:00pm - 8:30pm
This presentation is free of charge, but space is limited and allocated on a first-registered basis. Please register using the link below.
7:00-7:30pm Registration
7:30-8:30pm Presentation
In this one hour talk, Stephen will walk through modern exploit mitigations on the Microsoft Windows operating system and their effectiveness. One of the most infamous vulnerability classes is known as Use After Free (UAF), where an exploitable bug can yield a bounty exceeding $10,000 USD. Microsoft attempted to mitigate this lucrative vulnerability class in June and July, 2014 with new exploit mitigations known as Protected Free and Isolated Heaps. Researchers and attackers successfully identified techniques that can bypass these controls. These bypass techniques, as well as techniques used to bypass Microsoft's Enhanced Mitigation Experience Toolkit (EMET) will be addressed.
