web analytics

Attack Method Highlights Weaknesses in Microsoft CFG

By Tom Spring
 
                                           
 

Researchers at Endgame have been evaluating an exploitation technique called Counterfeit Object-Oriented Programming (COOP) to bypass Control Flow Integrity (CFI) implementations such as that used by Microsoft to harden the defenses of Windows 10.

 

Microsoft added its mitigation, called Control Flow Guard (CFG), in Windows 8.1 and Windows 10 to make exploitation of memory-based vulnerabilities more difficult. However, attackers have been adapting to the new defenses and the likely next move is to bypass CFG and attack other weaknesses. Endgame researchers aimed to evaluate the COOP attacks against modern CFI implementations, whether it be Microsoft’s CFG or Endgame’s own solution (HA-CFI), in order to measure effectiveness of this type of cutting-edge attack technique.

 

Full Article

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico