Problem
us-16-Weston-Windows-10-Mitigation-Improvements
us-16-Weston-Windows-10-Mitigation-Improvements
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
1. Allocate object<br />
p = new COptionElement();<br />
// 2. Free object<br />
delete p;<br />
Attacker reallocates p as<br />
a new type<br />
// 3. Use freed object<br />
p->Foo();<br />
// 2. Zero object, but don’t free<br />
ZeroMemory(p, sizeof(T));<br />
// 3. Garbage collection phase<br />
frees all objects with no references<br />
(stack, registers, heap)<br />
Tactic Applies to First shipped<br />
Eliminate entire classes of vulnerabilities Edge on Windows 10 and backported to IE9+ on Windows Vista+ July, 2015 (Windows 10 RTM)