"New "Turning Tables" Technique Bypasses All Windows KernelMitigations"
VanguardLH wrote:
Don't know what is the speaker's native language
From the presentation, I would have guessed Russian, but from the
company details, more likely Hebrew?
Need to practice those speeches
Yes, running through it with an audience of colleagues, who can be very
critical, would have helped the structure, and then practising a script
several times.
They have assumed the audience doesn't know how shared virtual memory
works with protection flags such as RO and COW etc, so spent a lot of
time on that, but glossed over how the exploit manages to manipulate the
protection to allow 'A' to write to their copy of the page such that 'B'
will run the code.
|