Windows 10 Segment Heap Internals

by Mark Vincent Yason
Sept. 17, 2017 1 comment belen_caty Apps & Hardening

Introduced in Windows 10, Segment Heap is the native heap used in Windows app (formerly called Modern/Metro app) processes and certain system processes. This heap is an addition to the well-researched and widely documented NT heap that is still used in traditional application processes and in certain types of allocations in Windows app processes. In this presentation, I'll discuss the data structures, algorithms and security mechanisms of the Segment Heap. Knowledge of the Segment Heap is also applied by discussing and demonstrating how a memory corruption vulnerability in the Microsoft WinRT PDF library (CVE-2016-0117) is used to create a reliable write primitive in the context of the Edge content process.

Steven Ulm 5 months ago

Segment Heap is truly vulnerable.. I find your article very useful for both aspiring experts in security as well as for the ones working with it already. Thank you for sharing it with us!