In May 2024, Microsoft introduced a new category of PCs designed for AI, called Copilot+ PCs. According to Microsoft, those PCs are starting a new chapter of AI integration on Windows and, thus, personal computing. Each device will have an NPU enabling the device to run Large-Language Models (LLMs) locally. But how exactly were those NPUs integrated into Windows? In this talk, we will do a deep dive into the architecture of NPUs and discuss how relevant drivers on Windows are implemented. We will describe different vectors to attack NPUs and showcase how we, as an attacker, can interact with an NPU. Then, we will explain and showcase a bug from two different NPU vendors. For one NPU, we will demonstrate how we can use the discovered bug to escalate our privileges as a concrete exploitation example. Via this Briefing, the attendees will gain insights on NPU bugs and their security implications, and learn how to exploit them on Copilot+ PCs on the latest Windows 11 version 24H2. By: Nicola Stauffer | Student, Zürich University of Applied Sciences ZHAW Gürkan Gür | Senior Lecturer, Zürich University of Applied Sciences ZHAW Full Abstract and Presentation Materials: https://ift.tt/KzR8Lo4
source https://www.youtube.com/watch?v=K_C5-wZCAN0
-
Germany recalled its ambassador to Russia for a week of consultations in Berlin following an alleged hacker attack on Chancellor Olaf Scho...
-
Android’s May 2024 security update patches 38 vulnerabilities, including a critical bug in the System component. The post Android Update ...
No comments:
Post a Comment