Jin Liu is a security researcher of McAfee IPS Research Team. Jin is mainly focused on vulnerability research, and he is specialized in vulnerability analysis and exploitation, with especially deep diving in browser vulnerability research on Windows platform.
Chong Xu received his PhD degree from Duke University with networking and security focus. He is currently a director leading McAfee Labs IPS team, which leads the McAfee Labs vulnerability research, malware and APT detection, botnet detection, and feeds security content and advanced detection features to McAfee's network IPS, host IPS, and firewall products, as well as global threat intelligence.
[Abstract]
==========
In the past few years, the attack and defense of vulnerability exploitation has rapidly evolved, especially for those high-risk applications, such as Microsoft Edge browser. Many new mitigation features have been introduced to Edge browser and Windows operating system, such as CFG, ACG and Win32K Type Isolation. Although these mitigations do help raise the bar for the exploit writer, this cat-and-mouse game is far from over.
In this talk, we will present several interesting examples of vulnerability and exploitation tricks, and discuss how to make reliable Edge RCE exploit on Windows 10 x64.