Saruhan Karademir, Microsoft
David Weston, Microsoft
Windows Defender Application Guard (WDAG) brings the next generation isolation into the browser space. It merges the best of Hyper-V virtualization and Microsoft Edge sandboxing technologies to bring hardware-enforced isolation of untrusted websites from the user’s data and operating system. In this talk, we will walk through the WDAG security promise and architecture. We will explain how it was built from the ground up with security as the number one priority showcasing the architectural decisions that added layers of defense. Finally, we explore how Microsoft’s internal security teams engaged from the very beginning of this feature’s development, helping shape WDAG’s design, finding and fixing critical vulnerabilities, and building additional defense-in-depth layers before the product reached a single customer.
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
BlueHat v17 || Securing Windows Defender Application Guard
1. David “dwizzzle” Weston
Securing Windows
Defender Application
Guard
Microsoft, Windows and Devices
Device Security Group Manager
Saruhan “manbun” Karademir
Information Security
Microsoft, Windows and Devices
2. Eliminate entire classes of vulnerabilities
Break exploitation techniques
Contain damage & prevent persistence
Limit the window of opportunity to exploit
4. Edge
Manager
AppContainer
Content
AppContainer
Store App
AppContainer
Adobe Flash
AppContainer
Win32
Process
User Mode Font
Driver Host
AppContainer
• UWP apps all run within an
AC
• Edge uses a multi-AC design
for isolation
• Office Protected view in n AC
• Flash Runs in a separate AC
• Win32k system call filtering is
enabled for Edge
Windows 10 Fall Creators
Update
• New AppContainer profile
(LPAC) reduces broker
surface by 90%!
• Edge refactored to remove
most of GDI
System Call Filter
AppContainer
Properties
Security boundary Microsoft will address vulnerabilities that can violate AC security boundary
Capability-based resource access Network, file, registry, and device access are restricted (both read and write)
Locked down process No symbolic links, reduced attack surface, and various mitigations on by default
5. 2 2 1 6 5 5 6 5 14 15
Kernel exploitation trends
Ubiquitous user-mode sandboxing has driven
attackers to kernel attack surface
Windows kernel is a “target rich” environment
User-mode sandbox isolation leaves a large
kernel attack surface (~2000 system calls)
Windows not well suited to software kernel
filtering (e.g. seccomp-bpf)
Most applications have legacy dependency on
kernel limiting effectiveness of filtering
Kernel attacks are the top path for sandbox escape
6. Privileged Access Workstation
Strong kernel isolation for applications running
in the guest
Separate identity and resource infrastructure
Can be extended to arbitrary application
scenarios
Qubes OS
Desktop PAW
Locked down host
V-Switch V-Switch
Strengths
Weaknesses
High resource requirements
Difficult experience for non-technical users
Expensive configuration
7. • Lightest weight container.
• Application isolated using
file system and registry
virtualization.
• Used for centennial as a
bridge
• No Security guarantees
• Container providing an
isolated the user session
• Shares kernel
• Used to achieve higher
density in cloud and
server deployments.
• No a security boundary
• Container that uses a
lightweight VM
• Hypervisor boundary.
• Used in hostile multi-tenant
hosting.
• Commercially known as a
“Hyper-V container”
• Container that uses a
lightweight VM
• Resistant to kernel
attacks Runs a
separate kernel from
the host.
8. Resource sharing between
guest and host
VM accesses a file, data is
transferred into physical pages
of the guest
Pages are backed by private
virtual memory on the host.
Direct Map
Physically-backed VMs statically
mapped
VA backed VMs have “hot hint”
indicate set of physical pages
should be mapped into the
guest
Reduces number of memory
intercepts generated by the
guest.
Memory Enlightenment
No scheduler in the hypervisor
Remove extra scheduling layer
Take advantage of the existing
NT scheduler features
Improved CPU resource
tracking/management
Root schedules all VP-backing
threads
Integrated Scheduler
22. Host User Mode
VMSwitch
Hyper-V Container
System
Processes
WinNAT
LSASS
Network
Adapter(s)
LSASS
HVSIMgr
Process
DNS
Client
Microsoft
Edge
DNS
Client
23. Host User Mode
VMSwitch
Hyper-V Container
System
Processes
WinNAT
LSASS
Network
Adapter(s)
LSASS
HVSIMgr
Process
DNS
Client
Microsoft
Edge
DNS
Client
QueryContextAttributesEx(
PCtxtHandle ContextHandle,
ULONG Attribute,
ULONG BufferLength,
24. Host User Mode
VMSwitch
Hyper-V Container
System
Processes
WinNAT
LSASS
Network
Adapter(s)
LSASS
HVSIMgr
Process
DNS
Client
Microsoft
Edge
DNS
Client
QueryContextAttributesEx(
PCtxtHandle ContextHandle,
ULONG Attribute,
ULONG BufferLength,
typedef struct
PCtxtHandle
{
ULONG_PTR dwLower ;
ULONG_PTR dwUpper ;
}
28. Host User Mode
Hyper-V Container
System
Processes
Microsoft
Edge
System Processes
HVSIMgr
Process
Microsoft
Edge
VM Worker
Process
RDP Server
User Session
29. • Limited Codec SupportAudio
• Only Text and ImagesClipboard
• Limited by GPO policyPrinter
Input Devices
• Restricted for WDAGDesktop Integration
• Shared memoryDisplay
30. Host User Mode
Hyper-V Container
System
Processes
Microsoft
Edge
System Processes
HVSIMgr
Process
Microsoft
Edge
VM Worker
Process
RDP Server
User Session
31. Host User Mode
Hyper-V Container
System
Processes
Microsoft
Edge
System Processes
HVSIMgr
Process
Microsoft
Edge
VM Worker
Process
RDP Server
User Session
32.
33. Host User Mode
Hyper-V Container
System
Processes
Microsoft
Edge
System Processes
HVSIMgr
Process
Microsoft
Edge
VM Worker
Process
RDP Server
User Session
HVSIRDP
Client
Process
HVSIRPCD
Process
Mitigations
• Win32K Filter
• CFG Strict
• Image load
Restrictions
• Microsoft-only
• No Remote
• ACG
• No Child Process
creation
35. Host User Mode
Hyper-V Container
System
Processes
Microsoft
Edge
System Processes
HVSIMgr
Process
Microsoft
Edge
VM Worker
Process
User Session
HVSIRDP
Client
Process
HVSIRPCD
Process
HVSI
Container
Service
dll
36. Host User Mode
Hyper-V Container
System
Processes
Microsoft
Edge
System Processes
HVSIMgr
Process
Microsoft
Edge
VM Worker
Process
User Session
HVSIRDP
Client
Process
HVSIRPCD
Process
HVSI
Container
Service
dll
37. Report vulnerabilities &
mitigation bypasses via our
bounty programs!
https://aka.ms/bugbounty
Or come work with us. We’re hiring
https://aka.ms/cesecurityopenjobs
https://aka.ms/wdgsecurityjobs
Windows is investing and performance and OS
integration to improve container density and scale
Conclusion
Extend WDAG technology to contain arbitrary apps
38. Follow us on the MSRC Blogs to get information on new bounties
https://blogs.technet.microsoft.com/msrc/
Windows Bounty Program includes all critical and important bugs in:
Windows Insider Preview
Hyper-V
Microsoft Edge
Windows Defender Application Guard
New Microsoft Bounty Programs | Additions
39. Windows Bounty Program Targets
Submit:
Critical and important vulnerabilities in Windows Insider Preview slow
Hyper-V escapes, Information disclosure and DOS bugs in Hyper-V
This continues our effort in finding bugs in various stages of development
Category Targets Windows Version Payout range (USD)
Base
NEW
Windows Insider Preview
WIP slow $500 to $15,000
Focus area
NEW
Microsoft Hyper-V
Windows 10
Windows Server 2012 Windows Server 2012 R2
Windows Server Insider Preview
$5,000 to $250,000
Focus area
NEW
Windows Defender
Application Guard
WIP slow $500 to $50,000
Focus area Microsoft Edge WIP slow $500 to $15,000
Focus area
Mitigation bypass and
Bounty for defense
Windows 10 $500 to $200,000
40. Vulnerability Type in Windows
Insider Preview Slow
Whitepaper / Report Quality/
Proof of Concept
Pay-out Range(USD)
Remote Code Execution
High Up to $15,000
Low Up to $1,500
Elevation of Privilege
High Up to $10,000
Low Up to $5,000
Information Disclosure
High Up to $5,000
Low Up to $2,500
Remote Denial of Service
High Up to $5,000
Low Up to $2,500
Tampering / Spoofing
High Up to $5,000
Low Up to $2,500
Submit high quality critical and important vulnerabilities in Windows
Insider Preview slow
Windows Bounty Program Targets
41. Vulnerability Type
Proof of
concept
Functioning
Exploit
Report Quality Payout range (USD)
Vulnerability resulting
in escape from the
WDAG container to
the host
Required
Yes High $30,000
No High $20,000
No Low $10,000
Vulnerability within the
Application Guard
container, no container
escape
Required
No High $10,000
No Low $2,000
Windows Defender Application Guard
Editor's Notes
matt
matt
dave
We aren’t there yet. We have a bunch of work to do.
We all need to help.
Drive customer passion and engagement. WDG-IS is a customer…
Find efficiencies, keep the bottom line down.
Be willing to take risks, break how we have done things in the past.
We aren’t there yet. We have a bunch of work to do.
We all need to help.
Drive customer passion and engagement. WDG-IS is a customer…
Find efficiencies, keep the bottom line down.
Be willing to take risks, break how we have done things in the past.
We aren’t there yet. We have a bunch of work to do.
We all need to help.
Drive customer passion and engagement. WDG-IS is a customer…
Find efficiencies, keep the bottom line down.
Be willing to take risks, break how we have done things in the past.
We aren’t there yet. We have a bunch of work to do.
We all need to help.
Drive customer passion and engagement. WDG-IS is a customer…
Find efficiencies, keep the bottom line down.
Be willing to take risks, break how we have done things in the past.
We aren’t there yet. We have a bunch of work to do.
We all need to help.
Drive customer passion and engagement. WDG-IS is a customer…
Find efficiencies, keep the bottom line down.
Be willing to take risks, break how we have done things in the past.
matt
I wanted to have a special call out to these programs to ensure it’s gotten your attention. The Edge web plat beta and .net core and asp.net core programs were announced in the months of August and September this year.
Let’s get to the heart of the matter – starting with a new Edge beta bounty
I like to call it part 2 of the Edge beta bounty series as the first one was in 2015
Please submit RCE and W3c standard
We want you to use our latest bits and partner with us to help us understand the issue better. Additional money will be awarded for those who submit bugs on WIP slow
All bugs must reproduce on the Windows Insider Preview slow branch.
A lot of you have had questions in the past on why we focus primarily on beta – one of the reasons is that we want to find all these bugs in our latest and greatest software in earlier development stages.
It ensures the end user receives the most secure software possible (it’s been through internal and crowdsourced pen testing)
Another change with this bounty aligns with the general trend by other software vendors and bounty agents
We will pay $1500 for internally known bugs
You’ve got about 7 more months to give us your bugs