Isolated User Mode Processes and Features in Windows 10 with Logan Gabriel

Description

In Part 1 of this mini-series we dove into the new Isolated User Mode for Windows 10 with Dave Probert. In this episode Logan Gabriel, a Senior Security Engineer here at Microsoft, takes us through some of the actual processes and features that come in Windows 10 thanks to this new Isolated User Mode concept. In essence, it is a more in-depth look at the actual things implemented using the concepts we learned in the earlier video. Stay tuned for one more episode in this series coming soon!

The Discussion

  • Julien Couvreur

    For those pressed for time, this episode discusses how the isolated user mode was pen-tested. It also discusses some possible applications for this, such as virtual TPM (a process keeping secrets, similar to TPM keeping secrets in hardware).

  • vaualbus

    I guess that something cool to port into this secure world is PatchGuard, so even the kernel cannot change it. A lot of the ways to disable it involve modifying the kernel,
    but let's say that PatchGuard could be initialized (during the UEFI bootstrap) and placed into that secure world; then it would become impossible to hack it.

  • saibot

    I doubt he has time to follow the thread here, but I'd love to hear what Mr. Gabriel's insights on the "hive" in relation to kernel mode, isolated user mode etc. are. Great video. => Glad the dice comment made the cut! I've been absent from the progress of the ntkernel since early/mid 5 and this really helped to give me a bird's-eye view of the, errr, state of the union, so to speak. Cheers! :0)

  • timreilly

    Are these in order?

    Part 1: Isolated User Mode

    Part 2: Isolated User Mode Processes and Features (This Video)

    Part 3: More on Process and Features

    Really enjoying these videos!

    Thank you for sharing!