[ISN] Microsoft Has a Big Date Set with 'Black Hat ' Hackers

InfoSec News isn at c4i.org
Fri Jun 16 04:29:32 EDT 2006


By Ryan Naraine 
June 13, 2006 

Microsoft's Windows Vista has a date with some of the world's smartest

The software maker will use the spotlight of the Black Hat security
conference in August to show off some of the key security features and
functionality being fitted into Vista.

Microsoft's appearance on the Black Hat stage is a first on many
fronts. Microsoft will be the first software vendor to present an
entire Black Hat Briefing track on a pre-release product. It is also
the first time a representative from Redmond Wash., will make an
official presentation at the controversial hacker confab.

According to Microsoft program manager Stephen Toulouse, the idea is
to provide "deeply technical presentations" on Vista security to the
hacking community. "We submitted several presentations to the Black
Hat event organizers and, based on the technical merit and interest to
the audience, they were accepted," Toulouse said.

In total, the day-long track will include five presentations from
Microsoft security engineers and Toulouse said researchers and
architects from Redmond will also be actively participating in the
event. "We want to make sure we're gathering as much feedback as we
can, so that Windows Vista succeeds as the most secure version of
Windows ever released," he added.

The sessions will include a talk by John Lambert, group manager in
Microsoft's Security Engineering and Communications Group on the
security engineering process behind Windows Vista.

Lambert is expected to hold up Vista as the first end-to-end major
operating system release in the Trustworthy Computing era from
Microsoft. His talk will cover how the Vista engineering process is
different from Windows XP and details from what is described as the

Lambert plans to give Black Hat researchers a sneak peek at some of
the new mitigations in Vista that combat memory overwrite

Wi-Fi in Vista will also come under the microscope when Noel Anderson,
group manager in Microsoft's wireless networking group, talks about
the way the operating system will handle support for 802.11 wireless

Anderson is expected to outline the new UI experience and updated
Wi-Fi default behaviors in Vista and information on a new software
stack that is designed to be more secure, more open and extensible. He
is expected to describe the various components of the stack and show
developers how to create code to modify and extend the client.

Anderson will also outline the different ways Microsoft tests Wi-Fi in
the new operating system.

Also on the Black Hat agenda is a talk by Abolade Gbadegesin, an
architect in Microsoft's Windows Networking and Device Technologies
Division, on the way Microsoft rearchitected and rewrote the TCP/IP
stack in Vista.

Adrian Marinescu, a lead developer in the Windows Kernel group will
outline the enhancements made in Vista's heap manager to show how the
OS has been hardened to thwart certain types of heap usage attacks.

Microsoft previously fitted technology into Windows Server 2003 and
Windows XP SP2 to reduce the reliability of heap usage attacks, but
Marinescu plans to talk about how the heap manager in Vista pushes the
innovation much further in that area. His talk will describe the
challenges the company faced and the technical details of the changes
coming in Vista.
Microsoft's oft-criticized Internet Explorer browser will also get
Black Hat billing this year when IE program manager Tony Chor
discusses the security engineering methodology that is being applied
to the new IE 7. Chor is expected to detail key vulnerabilities and
attacks this methodology revealed, as well as how the new version of
IE will mitigate those threats.

Also on tap is a talk by Andrew Cushman, director of Microsoft's
Security Response, Engineering and Outreach Team, on the way the
company has changed its internal processes to deal with the changing
security landscape.

Microsoft won't be alone shining the spotlight on Vista's security.  
Joanna Rutkowska, a renowned researcher specializing in rootkits,
plans to talk about the stealthy malware threats can still be inserted
into the latest Vista Beta 2 kernel (x64 edition).

Rutkowska is expected to show how to bypass the Vista policy for
allowing only digitally signed code to be loaded into the kernel.

More information about the ISN mailing list