In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Mike Macelletti from Microsoft’s MSRC Vulnerabilities and Mitigations team to explore Redirection Guard, a powerful mitigation designed to tackle a long-standing class of file path redirection vulnerabilities in Windows. Mike shares how his interest in security began, the journey behind developing Redirection Guard, and how it's helping reduce a once-common bug class across Microsoft products. He also explains how the feature works, why it's impactful, and what developers can do to adopt it. Plus, a few fun detours into Solitaire hacking, skiing, and protein powder. 

 

 

In This Episode You Will Learn:  

 

  • What Redirection Guard is and how it helps prevent file system vulnerabilities 
  • How Microsoft identifies and addresses common bug classes across their ecosystem 
  • Why some vulnerabilities still slip past Redirection Guard and what’s out of scope 

 

Some Questions We Ask: 

 

  • What is a junction and how is it different from other redirects? 
  • How does Redirection Guard decide which shortcuts to block? 
  • Are there vulnerabilities Redirection Guard doesn’t cover? 

   

  

Resources:      

View Mike Macelletti on LinkedIn     

View Wendy Zenone on LinkedIn   

View Nic Fillingham on LinkedIn  

 

  

Related Microsoft Podcasts:   

  

  

  

Discover and follow other Microsoft podcasts at microsoft.com/podcasts   

Hosted on Acast. See acast.com/privacy for more information.

Podden och tillhörande omslagsbild på den här sidan tillhör Microsoft. Innehållet i podden är skapat av Microsoft och inte av, eller tillsammans med, Poddtoppen.