Showing Posts About
Yong chuan koh
-
Yong Chuan Koh - 23 Nov 2017
Corrupting Memory In Microsoft Office Protected-View Sandbox
This presentation explores vulnerabilities in Microsoft Office's Protected-View sandbox through fuzzing its Inter-Process Communication (IPC) attack surface. Two critical CVEs were discovered targeting the reduced functionality sandbox environment. The talk details the methodology for generating test cases and analyzing potential security weaknesses in Protected-View.
- Yong Chuan Koh
- 12 Oct 2016
Fuzzing the Windows kernel
A presentation by Yong Chuan Koh at HITB GSEC 2016 introduced a Python-based fuzzing framework for testing Windows kernel security. The framework is designed to be scalable and extensible for comprehensive kernel vulnerability detection. Presentation slides are available for download from the original source.
- Yong Chuan Koh
- 3 Jul 2015
Understanding the Protected-View Sandbox
The whitepaper analyzes the Microsoft Office 2013 Protected-View sandbox architecture. It explores the sandbox's initialization, system resource restrictions, and Inter-Process Communication (IPC) mechanism. The technical analysis was originally presented at the REcon 2015 Security Conference.