Problem
us-16-Weston-Windows-10-Mitigation-Improvements
us-16-Weston-Windows-10-Mitigation-Improvements
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Legend<br />
2/4/2014<br />
CVE-2014-0497<br />
Exploited within 10 days of patch<br />
Exploited as 0day<br />
Exploited within 30 days of patch<br />
4/28/2014<br />
CVE-2014-0515<br />
9/9/2014<br />
CVE-2014-0556<br />
11/15/2014<br />
CVE-2014-9163<br />
1/16/2015<br />
CVE-2015-0310<br />
2/27/15<br />
CVE-2014-4130<br />
2/2/2015<br />
CVE-2015-0313<br />
10/14/2014<br />
1/20/2015<br />
CVE-2014-0569<br />
CVE-2015-0311<br />
11/11/2014<br />
CVE-2014-8440<br />
2/11/2015<br />
CVE-2015-3043<br />
3/20/2015<br />
CVE-2014-0336<br />
5/26/2015<br />
CVE-2015-3090<br />
7/17/2015<br />
CVE-2015-5122<br />
6/16/2015<br />
CVE-2015-3104<br />
6/27/2015<br />
CVE-2015-3113<br />
4/17/2015<br />
CVE-2015-0359<br />
8/29/2015<br />
CVE-2015-5560<br />
7/24/2015<br />
CVE-2015-2419<br />
12/12/15<br />
CVE-2015-8446<br />
7/7/2015<br />
CVE-2015-5119 10/13/2015<br />
12/24/2015<br />
7/21/2015 CVE-2015-7645<br />
CVE-2015-8651<br />
CVE-2015-1671<br />
12/29/2015<br />
CVE-2016-1010<br />
3/18/2016<br />
CVE-2016-4117<br />
3/26/2016<br />
CVE-2016-1001<br />
5/5/2016<br />
CVE-2016-4171<br />
4/4/2016<br />
CVE-2016-1019<br />
Control-flow Enforcement Technology<br />
(CET)<br />
• Indirect branch tracking via<br />
ENDBRANCH<br />
• Return address protection via<br />
shadow stack<br />
Hardware-assists for helping to mitigate<br />
control-flow hijacking & ROP<br />
April 2014 July 2014 October 2014 January 2015 April 2015 July 2015 October 2015 January 2016 April 2016 July 2016<br />
Preview specification:<br />
https://software.intel.com/sites/default/files/managed/<br />
4d/2a/control-flow-enforcement-technologypreview.pdf