The security features of modern PC hardware are enabling new trust
boundaries and attack resistance capabilities unparalleled in software
alone. These hardware capabilities help to improve resistance to a wide
range of attacks including physical attacks against DMA and disk
encryption, kernel and remote code exploits, and even application
isolation through virtualization.
In this talk, we will review the metamorphosis and fundamental
re-architecture of Windows to take advantage of emerging hardware
security capabilities. We will also examine in-depth the hardware
security features provided by vendors such as Intel, AMD, ARM and
others, and explain how Windows takes advantage of these features to
create new and powerful security boundaries and exploit mitigations.
Finally, we will discuss the new attack surface that hardware provides
and review exploit case studies, lessons learned, and mitigations for
attacks that target PC hardware and firmware.