Researchers at Endgame have been evaluating an exploitation technique called Counterfeit Object-Oriented Programming (COOP) to bypass Control Flow Integrity (CFI) implementations such as that used by Microsoft to harden the defenses of Windows 10.
Microsoft added its mitigation, called Control Flow Guard (CFG), in Windows 8.1 and Windows 10 to make exploitation of memory-based vulnerabilities more difficult. However, attackers have been adapting to the new defenses and the likely next move is to bypass CFG and attack other weaknesses. Endgame researchers aimed to evaluate the COOP attacks against modern CFI implementations, whether it be Microsoft’s CFG or Endgame’s own solution (HA-CFI), in order to measure effectiveness of this type of cutting-edge attack technique.
Full Article
Take a look at the best antivirus, anti-malware, anti-spy, etc. software
Powered by WPeMatico