Microsoft Has a Big Date Set with Black Hat Hackers

The software maker will use the upcoming Black Hat security conference to show off some of the key security features and functionality being fitted into Vista.

Microsofts Windows Vista has a date with some of the worlds smartest hackers.

The software maker will use the spotlight of the Black Hat security conference in August to show off some of the key security features and functionality being fitted into Vista.

Microsofts appearance on the Black Hat stage is a first on many fronts. Microsoft will be the first software vendor to present an entire Black Hat Briefing track on a pre-release product. It is also the first time a representative from Redmond Wash., will make an official presentation at the controversial hacker confab.

According to Microsoft program manager Stephen Toulouse, the idea is to provide "deeply technical presentations" on Vista security to the hacking community. "We submitted several presentations to the Black Hat event organizers and, based on the technical merit and interest to the audience, they were accepted," Toulouse said.

In total, the day-long track will include five presentations from Microsoft security engineers and Toulouse said researchers and architects from Redmond will also be actively participating in the event. "We want to make sure were gathering as much feedback as we can, so that Windows Vista succeeds as the most secure version of Windows ever released," he added.

The sessions will include a talk by John Lambert, group manager in Microsofts Security Engineering and Communications Group on the security engineering process behind Windows Vista.

Lambert is expected to hold up Vista as the first end-to-end major operating system release in the Trustworthy Computing era from Microsoft. His talk will cover how the Vista engineering process is different from Windows XP and details from what is described as the "largest-commercial-pentest-in-the-world."

Lambert plans to give Black Hat researchers a sneak peek at some of the new mitigations in Vista that combat memory overwrite vulnerabilities.

Wi-Fi in Vista will also come under the microscope when Noel Anderson, group manager in Microsofts wireless networking group, talks about the way the operating system will handle support for 802.11 wireless technologies.

Anderson is expected to outline the new UI experience and updated Wi-Fi default behaviors in Vista and information on a new software stack that is designed to be more secure, more open and extensible. He is expected to describe the various components of the stack and show developers how to create code to modify and extend the client.

Anderson will also outline the different ways Microsoft tests Wi-Fi in the new operating system.

Also on the Black Hat agenda is a talk by Abolade Gbadegesin, an architect in Microsofts Windows Networking and Device Technologies Division, on the way Microsoft rearchitected and rewrote the TCP/IP stack in Vista.

Adrian Marinescu, a lead developer in the Windows Kernel group will outline the enhancements made in Vistas heap manager to show how the OS has been hardened to thwart certain types of heap usage attacks.

Microsoft previously fitted technology into Windows Server 2003 and Windows XP SP2 to reduce the reliability of heap usage attacks, but Marinescu plans to talk about how the heap manager in Vista pushes the innovation much further in that area. His talk will describe the challenges the company faced and the technical details of the changes coming in Vista.

Microsofts oft-criticized Internet Explorer browser will also get Black Hat billing this year when IE program manager Tony Chor discusses the security engineering methodology that is being applied to the new IE 7. Chor is expected to detail key vulnerabilities and attacks this methodology revealed, as well as how the new version of IE will mitigate those threats.

Also on tap is a talk by Andrew Cushman, director of Microsofts Security Response, Engineering and Outreach Team, on the way the company has changed its internal processes to deal with the changing security landscape.

Microsoft wont be alone shining the spotlight on Vistas security. Joanna Rutkowska, a renowned researcher specializing in rootkits, plans to talk about the stealthy malware threats can still be inserted into the latest Vista Beta 2 kernel (x64 edition).

Rutkowska is expected to show how to bypass the Vista policy for allowing only digitally signed code to be loaded into the kernel.


Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.