In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Mike Macelletti from Microsoft’s MSRC Vulnerabilities and Mitigations team to explore Redirection Guard, a powerful mitigation designed to tackle a long-standing class of file path redirection vulnerabilities in Windows. Mike shares how his interest in security began, the journey behind developing Redirection Guard, and how it's helping reduce a once-common bug class across Microsoft products. He also explains how the feature works, why it's impactful, and what developers can do to adopt it. Plus, a few fun detours into Solitaire hacking, skiing, and protein powder.

In This Episode You Will Learn:

• What Redirection Guard is and how it helps prevent file system vulnerabilities
• How Microsoft identifies and addresses common bug classes across their ecosystem
• Why some vulnerabilities still slip past Redirection Guard and what’s out of scope

Some Questions We Ask:

• What is a junction and how is it different from other redirects?
• How does Redirection Guard decide which shortcuts to block?
• Are there vulnerabilities Redirection Guard doesn’t cover?

Resources:

View Mike Macelletti on LinkedIn

View Wendy Zenone on LinkedIn

View Nic Fillingham on LinkedIn

Related Microsoft Podcasts:

• Microsoft Threat Intelligence Podcast
• Afternoon Cyber Tea with Ann Johnson
• Uncovering Hidden Risks

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Hosted on Acast. See acast.com/privacy for more information.