Singapore: Sandboxing segregates applications to prevent malicious code from damaging the data organisations want to keep safe and secure. While excellent sandbox research exists for Chrome, Internet Explorer Enhanced Protected Mode and Adobe Reader, there is no similar research for the Microsoft Office Protected-View sandbox. MWR InfoSecurity, believing that needs to change as research is key to prevent security-via-obscurity, will offers its insights at RECon next week .
"Sandboxing is a popular modern technique used by vendors to minimise the damage attackers might inflict on a compromised system by restricting the application’s trust boundaries” said MWR security researcher, Yong Chuan Koh. “Criminals will always be looking for ways to fine tune their code to slip past defences and, as the defenders, its our job to make sure they’re unsuccessful. A key part of this, I believe, is research.”
Yong Chuan Koh has been confirmed as a speaker at this year’s RECon - held 12th – 21st of June in Montreal Canada. His seminar, titled ‘Understanding the Microsoft Office 2013 Protected-View Sandbox’ will cover the Protected-View sandbox internals including its architecture, its initialisation sequence and the system resource restrictions. The seminar will also discuss the Inter-Process Communication (IPC) mechanism, including the mode of communication, undocumented objects involved, format of IPC messages and the semantics of selected IPC messages.