In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Mike Macelletti from Microsoft’s MSRC Vulnerabilities and Mitigations team to explore Redirection Guard, a powerful mitigation designed to tackle a long-standing class of file path redirection vulnerabilities in Windows. Mike shares how his interest in security began, the journey behind developing Redirection Guard, and how it's helping reduce a once-common bug class across Microsoft products. He also explains how the feature works, why it's impactful, and what developers can do to adopt it. Plus, a few fun detours into Solitaire hacking, skiing, and protein powder. 

In This Episode You Will Learn:  

• What Redirection Guard is and how it helps prevent file system vulnerabilities 
• How Microsoft identifies and addresses common bug classes across their ecosystem 
• Why some vulnerabilities still slip past Redirection Guard and what’s out of scope 

Some Questions We Ask: 

• What is a junction and how is it different from other redirects? 
• How does Redirection Guard decide which shortcuts to block? 
• Are there vulnerabilities Redirection Guard doesn’t cover? 

Resources:      

View Mike Macelletti on LinkedIn     

View Wendy Zenone on LinkedIn   

View Nic Fillingham on LinkedIn  

Related Microsoft Podcasts:   

• Microsoft Threat Intelligence Podcast   
• Afternoon Cyber Tea with Ann Johnson   
• Uncovering Hidden Risks   

Discover and follow other Microsoft podcasts at microsoft.com/podcasts   

Hosted on Acast. See acast.com/privacy for more information.