Keeping One Step Ahead: Bypassing Modern Windows Exploit Mitigations
- Stephen Sims, SANS Senior Instructor
- Tuesday, March 17th, 7:00pm - 8:30pm
This presentation is free of charge, but space is limited and allocated on a first-registered basis. Please register using the link below.
In this one hour talk, Stephen will walk through modern exploit mitigations on the Microsoft Windows operating system and their effectiveness. One of the most infamous vulnerability classes is known as Use After Free (UAF), where an exploitable bug can yield a bounty exceeding $10,000 USD. Microsoft attempted to mitigate this lucrative vulnerability class in June and July, 2014 with new exploit mitigations known as Protected Free and Isolated Heaps. Researchers and attackers successfully identified techniques that can bypass these controls. These bypass techniques, as well as techniques used to bypass Microsoft's Enhanced Mitigation Experience Toolkit (EMET) will be addressed.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
|Keeping One Step Ahead: Bypassing Modern Windows Exploit Mitigations||Stephen Sims, SANS Senior Instructor||Tuesday, March 17th, 7:00pm - 8:30pm||SANS@Night|
|International eDiscovery and Digital Forensics||BJ Gleason, SANS Instructor||Wednesday, March 18th, 6:00pm - 7:30pm||SANS@Night|
|Continuous Ownage: Why You Need Continuous Monitoring||Seth Misenar, SANS Principal Instructor||Thursday, March 19th, 5:30pm - 8:30pm||SANS@Night|