Problem
us-16-Weston-Windows-10-Mitigation-Improvements
us-16-Weston-Windows-10-Mitigation-Improvements
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
“Assume Breach”<br />
PWN2OWN & Data Influenced Mitigations<br />
CFG: suppress sensitive APIs<br />
Flash: Eliminate RWX ATL thunks<br />
Junctions: Prevent sandbox processes<br />
from creating NTFS junctions – TH1<br />
Fonts: Move font parsing to user mode<br />
sandbox<br />
Edge: Prevent content processes from<br />
creating child processes<br />
Edge: Enable win32k system call<br />
restrictions<br />
How do we design effective mitigations pro-actively?