Workflow TV

Workflow TV - XAML and Activity Assembly Spoofing

Download this episode

Download Video

Description

What happens to a Workflow if an attacker can lure the workflow host into running XAML which references an assembly replaced by the attacker?  This is what I call an Activity Assembly Spoofing attack.  On this episode I'll show you how it can happen, what you need to know about the security model and what you can do to prevent it.

Links

Ron Jacobs
http://blogs.msdn.com/rjacobs
Twitter: @ronljacobs http://twitter.com/ronljacobs

Tags:

Security, WF, WF4

Embed

Format

Available formats for this video:

Actual format may change based on video formats available and browser capability.

    The Discussion

    Comments closed

    Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.