Defeating Pass-the-Hash: Separation of Powers

by Seth Moore, Baris Saydag, Sept. 18, 2017, via Black Hat; submitted by belen_caty

The harvest and reuse of symmetric credentials has become a linchpin of system breaches. Under the guise of Pass-the-Hash, attackers are adept at reusing not only passwords, but derivatives such as hashes and keys. Windows 10 brings strong isolation of these artifacts, defeating Pass-the-Hash attacks originating from clients. In this talk, we give an overview of the isolation technology. In addition, we answer questions such as: How does Windows 10 guarantee isolation of secrets? How does this go beyond simple client security? Can this even be achieved without major protocol revisions?

Steven Ulm 1 month ago

I am really happy with the security upgrades in Windows 10, but I am really wondering which aspects Microsoft will take care of next.