Control Flow Guard Mitigation Bypass

Introduced in Windows 8.1 Update 3 and Windows 10, Control Flow Guard was Microsoft’s latest antidote to memory-corruption attacks. The technology was meant to stand up to attacks that had long ago figured out how to bypass previous-generation protections such as Address Space Layout Randomization (ASLR) and Data Execution Protection (DEP).

However, as every new security wall is put up, researchers and hackers alike try to find ways over, under or through it.

Control Flow Guard is no exception.

On Friday, at DerbyCon in Louisville, Ky., researcher Jared DeMott of Bromium is expected to deliver a talk on a CFG bypass. DeMott told Threatpost that Bromium disclosed the technique to Microsoft before Black Hat, but the company has decided not to fix it and that it was not worthy of a bounty.

Microsoft declined to comment; DeMott said Microsoft told Bromium the bypass doesn’t affect all systems and that it would be a difficult attack vector to exploit.

“They said it really only affects 32-bit apps running on 64-bit machines, and that it doesn’t affect all systems,” DeMott said. “My response to them was that IE runs as 32-bit by default on 64-bit Windows and this still fully affects the browser.”

DeMott said that his bypass takes advantage of Microsoft’s choice not to deploy Control Flow Integrity over Control Flow Guard.

“When Control Flow Integrity is implemented, it adds extra checks before a function pointer call is made and a return address is returned, making those the only valid places to return to,” DeMott said. “Microsoft didn’t feel it was necessary to fully implement Control Flow Integrity; Control Flow Guard protects function pointers only, not return addresses.”

Control Flow Guard, which is a Visual Studio technology, was also built into Microsoft’s new Edge Browser, which made its debut earlier this summer. A previous bypass of CFG was disclosed in March by researchers at Core Security.

“[CFG] compiles checks around code that does indirect jumps based on a pointer, restricting these jumps to only jump to function entry points that have had their address taken,” Microsoft describe upon in a report explaining the security features of the Edge browser. “This makes attacker take-over of a program much more difficult by severely constraining where a memory corruption attack can jump to.”

The key to DeMott’s bypass, he said, is the ability to corrupt a return address and kick off a series of events leading to a return-oriented programming (ROP) chain that is central to so many memory-corruption attacks. The Bromium technique is called Stack Desync and relies on the use of different function calling conventions, he said.

“If you mix and match them, when you call a function pointer and the system expects a standard convention, but gets another, the stack desyncs and returns an arbitrary address,” DeMott said. “If you don’t protect the return addresses, the model is broken.

“If you don’t protect the return address, you’re leaving exposed the ability for something like what we’re doing. It’s possible to shuffle things around on the stack so that a call will return, not to a valid address, but to the start of an attack instead.”

Such a bypass is not trivial to pull off and is likely the playground of a nation-state of intelligence-agency backed operation. The attack provides a point of entry onto a network, opening the door to secondary attacks leading to data loss or privilege escalation.

“This is the next evolution of the typical cat-and-mouse game that is memory corruption,” DeMott said. “All this research, even though it sounds bad, it’s pushing ball forward and raises bar for attackers. [Microsoft] chose not to fix it and felt like they did the best they could with it and not fully repair it. There’s some slight risk here and the technique we used doesn’t exist everywhere.”