Problem

More documents

Recommendations

Info

1. Allocate object p = new COptionElement(); // 2. Free object delete p; Attacker reallocates p as a new type // 3. Use freed object p->Foo(); // 2. Zero object, but don’t free ZeroMemory(p, sizeof(T)); // 3. Garbage collection phase frees all objects with no references (stack, registers, heap) Tactic Applies to First shipped Eliminate entire classes of vulnerabilities Edge on Windows 10 and backported to IE9+ on Windows Vista+ July, 2015 (Windows 10 RTM)
Tactic Applies to First shipped Eliminate entire classes of vulnerabilities Edge and IE11 on Windows 10 and backported to IE10+ on Windows 7+ July, 2015 (Windows 10 RTM)
Page 3 and 4: • S Problem: Preventative Securit
Page 5 and 6: Internal Data Sources External Data
Page 7 and 8: Percentage of Use Analysis: 90 80 7
Page 9 and 10: Assume Breach Prevent Breach Threat
Page 11 and 12: REDTEAM: Model real-world attacks
Page 15: Internet Explorer, Edge, & Chakra S
Page 20: No legacy document modes No legacy
Page 24 and 25: Place array length at a predictable
Page 26 and 27: Return addresses are not protected
Page 28: Execute arbitrary native code Code
Page 31 and 32: Non-paged pool System Page tables c
Page 34: Win32 Process Store App AppContaine
Page 38 and 39: Legend 2/4/2014 CVE-2014-0497 Explo

Problem

Create successful ePaper yourself

Delete template?

Save as template?