Probing The Far Corners Of Windows - Using Code Characteristics To Find Security Bugs presented at BlueHat 2008

by Ian Hellen (Microsoft)

Tags: Security

Summary: This presentation will focus on methods for identifying high-risk components that need special attention in the form of design and code reviews. The presenter will cover the following topics:
Recap security review processes for Windows: where do we need to improve things?
What makes code high risk: the combination of attackable surface, security guarantees made, and quality of the design and code
How to identify and measure attack-surface components
How we identify components that make security guarantees
How we identify code quality (or at least where code is likely to be poor, more bug-prone, or simply naive)
How we add all this together to produce meaningful metrics
How this all fits (or will fit) into the Windows security review process
Case studies of where we've used this to help track down serious bugs
Future plans to automate security testing based on the risk score outcome and code characteristics