BSidesSF has ended
Monday, April 20 • 3:00pm - 4:00pm
Probing Patches: Beyond Microsoft’s ANS

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Patch analysis is the process of examining the difference in vendor supplied binaries incrementally across security updates. Unfortunately, this technique remains less used (at least publically) as a means for understanding vulnerabilities and measuring risk. We aim to provide some exposure to patch analysis by way of examining the process of performing a binary diff against a recent Microsoft CVE. We further aim to demonstrate the utility of fuzzing during the patch diffing process.


bill finlayson

Bio – Bill Finlayson is a Senior Security Researcher with BeyondTrust. Bill focuses on vulnerability research and discovery, reverse engineering, and is part of the development team of Retina – a well-known vulnerability assessment solution.

Monday April 20, 2015 3:00pm - 4:00pm PDT

Attendees (1)