The Joy of Sandbox Mitigations, presented at Troopers 2016

by James Forshaw

Summary: When researchers think of Microsoft Windows process mitigations, they're likely to come up with DEP and ASLR. However, Microsoft has been adding a number of lesser-known mitigations, ranging from blocking Win32k system calls to reducing a sandbox's attack surface, which already assume RCE has been achieved. This presentation will describe the implementation of these less well-known mitigations, some silly bypasses and bugs in their implementations, as well as how you can use them in real-world code to improve the security of your own applications.