A Dive in to Hyper-V Architecture & Vulnerabilities

Virtualization technology is an increasingly common foundation on which platform security is built and clouds are secured. However, virtualization stacks are ultimately software, all software has vulnerabilities, and few things are more beautiful (or scary) than a guest-to-host exploit.

Research into this cutting-edge area is not only interesting, it is extremely profitable. Microsoft offers a bug bounty program with rewards up to $250,000 USD for vulnerabilities in Hyper-V. To make your bounty hunting efforts easier, we will outline how Hyper-V works with a focus on the information you, as a security researcher, need to find vulnerabilities. This will cover relevant details about the Hyper-V hypervisor and supporting kernel-mode and user-mode components. We'll also show off some of the interesting vulnerabilities we've seen in Hyper-V and discuss what they would have fetched if they had been reported through the bounty.

Presented by