Keynote记忆安全语言救不了你

Memory SafeLanguages Won’t Save YouYarden ShafirAbout me•Security Engineer & Researcher•Windows Internals researcher•Former EDR developer•Likes to research exploits, mitigations and post-exploitation techniques•Former circus artistMemory Bugs are Everywhere•~70% of reported software bugs are memory bugsGoogle Chrome analysis, 2015-2020Microsoft analysis, 2006-2018Presented by Matt Miller at BlueHatIL2019Microsoft CVEs root cause2015-2023Software Memory Safety•A lot of new code is written in Rust, Go, C#•But it’s not always written very well•In 2023 CISA issued an advisory for “The Urgent Need for Memory Safety in Software Products”•Encourages companies to use memory safe languages in future projects•Microsoft is (re)writing some components in rust•Some parts of Win32k, Sudo, OpenVMMWill Memory Safety Kill Exploitation?•Nope•Memory safe != Bug free•Memory safe languages still contain “unsafe” code blocks•Memory safe languages defend againstmemory vulnerabilities•Attackers are already mo