Loading...

Black Hat Asia 2014 - Persist It: Using and Abusing Microsoft's Fix It Patches

3,192 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Apr 3, 2014

By: Jon Erickson

Microsoft has often used Fix It patches, which are a subset of Application Compatibility Fixes, as a way to stop newly identified active exploitation methods against their products. A common Fix It patch type used to prevent exploitation is the previously undocumented In Memory Fix It. This research first focuses on analyzing these in-memory patches. By extracting information from them researchers are able to better understand the vulnerabilities that Microsoft intended to patch. The research then focuses on reverse engineering the patches and using this information to provide the ability to create patches which can be used to maintain persistence on a system.

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...