Microsoft Release BlueHat 2013 Presentation
James Forshaw presents on 'Surface-Attack-Surface: Bypassing Code Integrity in 140 Characters or Fewer' at BlueHat 2013.
Windows 8 RT was the first desktop version of Windows which heavily restricted what a normal user could execute. While it provided almost a complete desktop environment only code signed by a trusted Microsoft certificate was allowed to run. This represents a significantly different security environment to typical remote-code-execution mitigations which makes the large attack surface interesting.
This presentation will go through some of the changes made to the desktop environment from Windows 7 to make it harder to circumvent the restrictions, some of the known ways unsigned code can be executed, as well as some of the changes in Windows 8.1 RT to mitigate these issues.