A Dive in to Hyper-V Architecture & Vulnerabilities

Conference:  BlackHat USA 2018

2018-08-08

Summary

The presentation discusses the architecture and vulnerabilities of Hyper-V, a virtualization technology used for platform security and cloud security. The speakers highlight the bug bounty program offered by Microsoft for finding vulnerabilities in Hyper-V and provide an overview of the architecture of Hyper-V from a security researcher's perspective.
  • Hyper-V is a virtualization technology used for platform security and cloud security
  • Microsoft offers a bug bounty program for finding vulnerabilities in Hyper-V
  • The presentation provides an overview of the architecture of Hyper-V from a security researcher's perspective
  • Isolation of partitions is provided by the hypervisor using extended page tables and intercepts or traps
  • The presentation showcases some of the interesting vulnerabilities found in Hyper-V
  • The bug bounty program pays up to $250,000 for finding and exploiting bugs in the kernel of the hypervisor

The speakers mention that finding bugs in Hyper-V is hard and complicated, and that not many vulnerabilities have been publicly described. They also note that exploiting bugs in Hyper-V is not a failure, and that it takes a lot of time to ramp up. The bug bounty program offered by Microsoft is one of the best, with a maximum payout of $250,000. The presentation showcases some of the vulnerabilities found in Hyper-V, including the one that netted the largest payout, $150,000. The speakers encourage researchers to send in more bugs and get them fixed.

Abstract

Virtualization technology is an increasingly common foundation on which platform security is built and clouds are secured. However, virtualization stacks are ultimately software, all software has vulnerabilities, and few things are more beautiful (or scary) than a guest-to-host exploit. Research into this cutting-edge area is not only interesting, it is extremely profitable. Microsoft offers a bug bounty program with rewards up to $250,000 USD for vulnerabilities in Hyper-V. To make your bounty hunting efforts easier, we will outline how Hyper-V works with a focus on the information you, as a security researcher, need to find vulnerabilities. This will cover relevant details about the Hyper-V hypervisor and supporting kernel-mode and user-mode components. We'll also show off some of the interesting vulnerabilities we've seen in Hyper-V and discuss what they would have fetched if they had been reported through the bounty.
