Search

Infosec In the City (IIC)
- Feb 4, 2018
- 1 min read

A Bridge Too Far — by James Forshaw

#IICSG2018 Conference Deep-Tech Track

Day 2 (25 May 2018)

10.30am—11.15am

@ Stamford Ballroom (Olivia)

[#IICSG2018 Conference Full Schedule]

Abstract

In Windows 10 Anniversary Edition, Microsoft introduced Desktop Bridge, originally known as Project Centennial. This technology allows normal Win32 applications to be converted to run as self-contained Windows Store applications, redirecting file and registry access to allow the application to easily be uninstalled leaving no remaining footprint. To support Desktop Bridge, Microsoft had to change a number of different parts of the OS including the Kernel and system services.

This presentation will be an in-depth look at how Desktop Bridge works as well as a look at some of the bugs I've discovered in the various components which make up the technology.

About James Forshaw

James Forshaw is a security researcher in Google's Project Zero. He has been involved with computer hardware and software security for over 10 years looking at a range of different platforms and applications. With a great interest in logical vulnerabilities, he's been listed as the #1 researcher for MSRC, as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. He has spoken at a number of security conferences including Black Hat USA, CanSecWest, Bluehat, HITB, and Infiltrate. He's also the author of the book "Attacking Network Protocols" available from NoStarchPress.

Recent Posts

Deep Dive Into postMessage Security — by Tatiana Mikhailova

Reverse Engineering Android Native Libraries — by Terry Chia

Automating & Tooling Your Own CAN Hacking Tool On a Cheap Car Hacking Adventure — by Jay Turla