The Latest in IT Security

Attack Method Highlights Weaknesses in Microsoft CFG

28
Apr
2017
Attack Method Highlights Weaknesses in Microsoft CFG

parallels-desktop-10

Researchers at Endgame have been evaluating an exploitation technique called Counterfeit Object-Oriented Programming (COOP) to bypass Control Flow Integrity (CFI) implementations such as that used by Microsoft to harden the defenses of Windows 10.

Microsoft added its mitigation, called Control Flow Guard (CFG), in Windows 8.1 and Windows 10 to make exploitation of memory-based vulnerabilities more difficult. However, attackers have been adapting to the new defenses and the likely next move is to bypass CFG and attack other weaknesses.

Read More

Leave a reply


Categories

SUNDAY, NOVEMBER 19, 2017

Featured

Archives

Latest Comments

Social Networks