An Insider's Perspective on Integer Overflow Vulnerabilities
Challenges and Solutions from Identification to Mitigation at Microsoft
This talk will delve deep into one of the most prevalent memory safety issues on Windows: Integer Overflows. As members of the Microsoft Security Response Center (MSRC), we have the opportunity to see and react to every vulnerability that is reported to Microsoft. Over the past few years, MSRC has seen hundreds of Integer Overflow vulnerabilities, including size overflows, integer truncations, overflows in checks, and reference counting overflows. We will cover the differences between these categories and investigate common pitfalls in their root causes and their fixes.
After exploring the wide-ranging impact of Integer Overflows on Windows and other Microsoft products and services, we will then review MSRC’s plans to proactively identify and mitigate these vulnerabilities. In response to the accelerating trend of these cases, we will highlight both the short-term (static analysis) and long-term (holistic mitigations) efforts that MSRC is investing in.
This talk will include several Important-severity integer overflow vulnerabilities that we identified in Windows, including CVE-2022-29115, CVE-2022-41077, and more. We will explore how we discovered these vulnerabilities through static analysis, their potential impact, and how they were remediated.
Finally, we will outline some long-term efforts that MSRC is investing in, including a compiler mitigation prototype that we are developing to holistically mitigate subclasses of integer overflow issues (size overflows and truncations).
About the Presenter: George Hughey
George is passionate about Windows Security and pushing the envelope on improving the security landscape for all Windows users. Over the past three years, George has researched many different areas and root causes of vulnerabilities in Windows. As a member of MSRC's Vulnerabilities and Mitigations Team, George is always looking for new ways to remediate the most pervasive vulnerabilities in the Windows ecosystem.
About the Presenter: Rohit Mothe
Rohit Mothe is a Security Researcher on the Vulnerabilities & Mitigations team at the Microsoft Security Response Center (MSRC) and has almost a decade of experience researching and exploiting vulnerabilities in various roles.