Probing The Far Corners Of Windows: Using Code Characteristics To Find Security Bugs


Presented at BlueHat 2008 by

This presentation will focus on methods for identifying the high-risk components that need special attention in the form of design and code reviews. The presenter will cover the following topics:

- A recap of the security review processes for Windows: where do we need to improve things?
- What makes code high risk: the combination of attackable surface, the security guarantees it makes, and the quality of its design and code
- How to identify and measure attack-surface components
- How we identify components that make security guarantees
- How we identify code quality (or at least where code is likely to be poor, more bug-prone, or simply naive)
- How we add all this together to produce meaningful metrics
- How this all fits (or will fit) into the Windows security review process
- Case studies of where we've used this to help track down serious bugs
- Future plans to automate security testing based on the risk score outcome and code characteristics