Wednesday 21 November 2012

Windows Shatter attacks (research links)

Following on my research on Win32 Messaging and the O2's Util - Windows Handles Viewer tool, I just started the day by (re)reading about the Windows Shatter attacks (since it used Windows Messages)

Here are a number of good resources I found:

I always find amazing how the security-focused research papers are a great source of 'how it REALY works' material, specially when compared with the normal/official content which describes 'how it works' , which is usually: 'how it should work' :)

This is one of the added-values that the 'Application Security' space should bring to the table. Instead of being a TAX on devs (and companies), Application Security should have the responsibility to describe and document WHAT is really happening, how it really WORKS, and what are the implications/interconnections of the code created/published (with security-vulns being one of the areas analysed/reported).