This presentation is free of charge, but space is limited and allocated on a first-registered basis. Please register using the link below.
7:00-7:30pm Registration
7:30-8:30pm Presentation
In this one hour talk, Stephen will walk through modern exploit mitigations on the Microsoft Windows operating system and their effectiveness. One of the most infamous vulnerability classes is known as Use After Free (UAF), where an exploitable bug can yield a bounty exceeding $10,000 USD. Microsoft attempted to mitigate this lucrative vulnerability class in June and July, 2014 with new exploit mitigations known as Protected Free and Isolated Heaps. Researchers and attackers successfully identified techniques that can bypass these controls. These bypass techniques, as well as techniques used to bypass Microsoft's Enhanced Mitigation Experience Toolkit (EMET) will be addressed.