Мануал/Книга Examining The Cost Of “Nickel and Dime” Exploit Mitigations (Windows kernel)

[varwar]

По кусочкам информация уже была в разных твиттерах и на форуме threads/85512/, в презентации нового ничего нет. Это скорее для тех, кто в одном месте хочет получить всю информацию.
Убить PreviousMode и обход KASLR планируют в 24H2, хотя ранее попадалась информация, что это будет уже сделано в 23H2 (по какой причине изменили дату релиза остается только догадываться), так что живем.

Презентация: https://github.com/connormcgarr/Pre...73/McGarr-SUMMIT-HackFest-2023-Deck-FINAL.pdf

 

[voldemort]

How many exploits mitigation are there ? if they enable all of them it will harden Windows Exploitation but why Microsoft don't turn them all by default ?

 

[varwar]

if they enable all of them it will harden Windows Exploitation but why Microsoft don't turn them all by default ?

Who knows. Maybe performance, compatibility, hardware issues which can affect users. By smallsoft security standards, many systems are outdated, lol.

https://www.pdx.edu/technology/blog/windows-10-end-life-hardware-budgeting

Another interesting example is EOL systems. Me personally got last updates on Windows 11 machine and it's not updated further - stayed vulnerable for 1-days after October patch Tuesday. This shit is not rare based on the google requests.

I think that all hackers should die (seppuku is a good option) and words "operating system security", "hardware security" should not exist and must be reinvented/downgraded (OS, hardware) for the sake of performance and not security features overwhelming.