by Matt Miller + David Weston, Microsoft
60min
Microsoft's Windows 10 the Creators updates features a number of new and groundbreaking technologies for mitigating remote code execution. In this talk, we will cover Microsoft's "four strategic pillars" for preventing remote code execution: Code integrity, Stack protection, Control Flow Integrity, and arbitrary code generation prevention and how they work together to make exploit developers lives much harder. We will also include design and technical details on the numerous new innovative prevention features that Microsoft has introduced into Windows 10 and Microsoft Edge in the creator's edition to deliver on this strategy. Along the way, the speakers will provide insights into the challenges' of implementing disruptive mitigation technology into an operating system used by over a billion people. We will also illustrate how Microsoft leverages its own team of world class offensive exploit developers to aide in the development and design of mitigations. This talk is a must see for anyone interested in attacking or defending Windows 10.