Secure Singapore 2015

Singapore, Singapore | Mon, Mar 9 - Sat, Mar 21, 2015

Keeping One Step Ahead: Bypassing Modern Windows Exploit Mitigations

  • Stephen Sims, SANS Senior Instructor
  • Tuesday, March 17th, 7:00pm - 8:30pm

This presentation is free of charge, but space is limited and allocated on a first-registered basis. Please register using the link below.

7:00-7:30pm Registration

7:30-8:30pm Presentation

In this one hour talk, Stephen will walk through modern exploit mitigations on the Microsoft Windows operating system and their effectiveness. One of the most infamous vulnerability classes is known as Use After Free (UAF), where an exploitable bug can yield a bounty exceeding $10,000 USD. Microsoft attempted to mitigate this lucrative vulnerability class in June and July, 2014 with new exploit mitigations known as Protected Free and Isolated Heaps. Researchers and attackers successfully identified techniques that can bypass these controls. These bypass techniques, as well as techniques used to bypass Microsoft's Enhanced Mitigation Experience Toolkit (EMET) will be addressed.

 

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
Tuesday, March 17
Session Speaker Time Type
Keeping One Step Ahead: Bypassing Modern Windows Exploit Mitigations Stephen Sims, SANS Senior Instructor Tuesday, March 17th, 7:00pm - 8:30pm SANS@Night
Wednesday, March 18
Session Speaker Time Type
International eDiscovery and Digital Forensics BJ Gleason, SANS Instructor Wednesday, March 18th, 6:00pm - 7:30pm SANS@Night
Thursday, March 19
Session Speaker Time Type
Continuous Ownage: Why You Need Continuous Monitoring Seth Misenar, SANS Principal Instructor Thursday, March 19th, 5:30pm - 8:30pm SANS@Night