{"version":"1.0","type":"rich","provider_name":"Acast","provider_url":"https://acast.com","height":250,"width":700,"html":"<iframe src=\"https://embed.acast.com/$/64ac54ede55ebb0011cb41b1/685461892b3b2092a49adb2e?\" frameBorder=\"0\" width=\"700\" height=\"250\"></iframe>","title":"Securing Redirections with Mike Macelletti ","description":"<p>In this episode of The&nbsp;BlueHat&nbsp;Podcast, host&nbsp;<a href=\"https://www.linkedin.com/in/nicfill/\" rel=\"noopener noreferrer\" target=\"_blank\">Nic Fillingham</a>&nbsp;and&nbsp;<a href=\"https://www.linkedin.com/in/wendyzenone/\" rel=\"noopener noreferrer\" target=\"_blank\">Wendy Zenone</a>&nbsp;are joined by&nbsp;<a href=\"https://www.linkedin.com/in/michael-macelletti-390082a5/\" rel=\"noopener noreferrer\" target=\"_blank\">Mike Macelletti</a>&nbsp;from Microsoft’s MSRC Vulnerabilities and Mitigations team to explore Redirection Guard, a powerful mitigation designed to tackle a long-standing class of file path redirection vulnerabilities in Windows. Mike shares how his interest in security began, the journey behind developing Redirection Guard, and how&nbsp;it's&nbsp;helping reduce a once-common bug class across Microsoft products. He also explains how the feature works, why&nbsp;it's&nbsp;impactful, and what developers can do to adopt it. Plus, a few fun detours into Solitaire hacking, skiing, and protein powder.&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p><p><strong>In This Episode You Will Learn</strong>:&nbsp;&nbsp;</p><p>&nbsp;</p><ul><li>What Redirection Guard is and how it helps prevent file system vulnerabilities&nbsp;</li><li>How Microsoft&nbsp;identifies&nbsp;and addresses common bug classes across their ecosystem&nbsp;</li><li>Why some vulnerabilities still slip past Redirection Guard and&nbsp;what’s&nbsp;out of scope&nbsp;</li></ul><p>&nbsp;</p><p><strong>Some Questions We Ask:</strong>&nbsp;</p><p>&nbsp;</p><ul><li>What is a junction and how is it different from other redirects?&nbsp;</li><li>How does&nbsp;Redirection&nbsp;Guard decide which shortcuts to block?&nbsp;</li><li>Are there vulnerabilities Redirection Guard&nbsp;doesn’t&nbsp;cover?&nbsp;</li></ul><p>&nbsp;&nbsp;&nbsp;</p><p>&nbsp;&nbsp;</p><p><strong>Resources:</strong>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</p><p><a href=\"https://www.linkedin.com/in/michael-macelletti-390082a5/\" rel=\"noopener noreferrer\" target=\"_blank\">View Mike Macelletti on LinkedIn</a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</p><p><a href=\"https://www.linkedin.com/in/wendyzenone/\" rel=\"noopener noreferrer\" target=\"_blank\">View Wendy Zenone on LinkedIn</a>&nbsp;&nbsp;&nbsp;</p><p><a href=\"https://www.linkedin.com/in/nicfill/\" rel=\"noopener noreferrer\" target=\"_blank\">View Nic Fillingham on LinkedIn</a>&nbsp;&nbsp;</p><p>&nbsp;</p><p>&nbsp;&nbsp;</p><p><strong>Related Microsoft Podcasts:</strong>&nbsp;&nbsp;&nbsp;</p><p>&nbsp;&nbsp;</p><ul><li><a href=\"https://msthreatintelpodcast.com/\" rel=\"noopener noreferrer\" target=\"_blank\">Microsoft Threat Intelligence Podcast</a>&nbsp;&nbsp;&nbsp;</li><li><a href=\"https://afternooncybertea.com/\" rel=\"noopener noreferrer\" target=\"_blank\">Afternoon Cyber Tea with Ann Johnson</a>&nbsp;&nbsp;&nbsp;</li><li><a href=\"https://uncoveringhiddenrisks.com/\" rel=\"noopener noreferrer\" target=\"_blank\">Uncovering Hidden Risks</a>&nbsp;&nbsp;&nbsp;</li></ul><p>&nbsp;&nbsp;</p><p>&nbsp;&nbsp;</p><p>Discover and follow other Microsoft podcasts at<a href=\"https://news.microsoft.com/podcasts/\" rel=\"noopener noreferrer\" target=\"_blank\">&nbsp;microsoft.com/podcasts</a>&nbsp;&nbsp;&nbsp;</p>","author_name":"Microsoft"}