EdgeHTML is the new rendering engine that will power the next generation web browser (codenamed Spartan) to be introduced in Windows 10. Because EdgeHTML will be widely deployed - from Windows 10 mobile devices to PCs, it is important that we have understanding of its attack surface and its stance against exploitation.
In this presentation, I'll discuss EdgeHTML's attack surface and the different methods for enumerating it. Then, I'll describe the process of comparing EdgeHTML and MSHTML to identify and understand what had changed from the forking process, and more importantly identify new features and added internal functionalities that can contribute to its attack surface. Finally, I'll discuss the exploit mitigations in place, how they help against certain classes of vulnerabilities, and discuss known bypass techniques that are still applicable.
Mark Vincent Yason is a security researcher on IBM's X-Force Advanced Research team. Mark's current focus areas are browser-based vulnerability/exploit research, browser exploit kits research, and advanced malware research. He authored the papers 'The Art of Unpacking' and 'Diving Into IE 10's Enhanced Protected Mode Sandbox,' and co-authored the papers 'Reversing C++,' 'Playing In The Reader X Sandbox,' and 'Digging Deep Into The Flash Sandboxes', all of which were previously presented at Black Hat.