Symposium sur la sécurité des technologies de l'information et des communications

French-language conference on the theme of information security.
It took place in Rennes from 3 to 5 June 2020.

Scoop the Windows 10 Pool!
Corentin Bayet, Paul Fariello


Date: 5 June 2020 at 11:45, 30 min.

Heap overflows are a fairly common class of vulnerability in applications. Exploiting such vulnerabilities often relies on a deep understanding of the underlying mechanisms used to manage the heap. Windows 10 recently changed the way it manages its heap in kernel land.

This article aims to present the recent evolution of the heap mechanisms in the Windows kernel and to present new exploitation techniques specific to the kernel Pool.