Real life hacks for Windows and Office... and how to stop them (Microsoft Ignite)

Microsoft's Hacker in Chief, Dave Weston, demonstrates real world hacks for Windows and Office along with how to stop them. The first attacks are through Office macro-enabled files and malicious files without macros. Dave explains how the upcoming Application Guard capability in Office will run the app using virtualization-based security to abstract it from Windows. Next, he walks through the steps a hacker would take to disable anti-malware on a device and how the new System Guard API can detect the security state of the machine and disable cloud services access via Conditional Access blocks in Azure Active Directory. Finally, Dave shows how hacking a vulnerability via PCI leach over Thunderbolt can sign into any unprotected computer and how virtualization-based security in Windows 10 along with Secured Core PCs can prevent these and other zero day exploits. Check out https://aka.ms/securedcore for more information about Secured Core PCs At Microsoft Ignite 2019, this was session THR2275: Real-life hacks and how to stop them with Windows and Office updates. David Weston is the Partner Director of OS security at Microsoft where he is responsible for the Security engineering of Windows, Windows Server, and the Azure OS as well as the Offensive Security Research Team (also known as the Windows REDTEAM). Before leading security engineering in Windows, David lead the security research team for Microsoft Defender ATP the team responsible for detecting and responding to global adversaries. David has been with Microsoft since Windows 7, holding many different security roles in mitigation design, penetration testing, malware analysis, and threat intelligence. In addition to his engineering work, David is also an accomplished security researcher presenting his work at numerous security conferences including Blackhat and Defcon.