17:40 - 18:40
Talk (60 min)
The Hidden Risk in Undocumented API Behavior
Documentation completeness, or rather the lack of it, can be detrimental. This session will delve into one example illustrating how more than 15 AV and EDR vendors have overlooked undocumented risk in a group of Win32 API functions, exposing them to an attack in which malicious actors could disable their protection or gain additional privileges on the system. The talk will also discuss lessons learned.