Dedup Est Machina

Project Description

Dedup Est Machina (published at S&P ’16) is a new cool attack showing how a JavaScript-enabled attacker can abuse memory deduplication and Rowhammer to own a Microsoft Edge browser on Windows 10 with all the defenses up. The end-to-end attack relies on no software vulnerabilities.

Pwnie Award

Dedup Est Machina won the Pwnie Award for Most Innovative Research at Black Hat USA, 2016.

Reception

Dedup Est Machina hits the news.
Microsoft addresses Dedup Est Machina on Windows 10 in CVE-2016-3272 by disabling memory deduplication by default.

Demo

Papers

Share on Facebook

1

Tweet about this on Twitter

Share on Google+

0

Email this to someone

Print this page

Systems and Network Security Group at VU Amsterdam