Satoshi Tanda

I am thrilled to be back and offer the in-person training once again at Hexacon, the fabulous conf. in Paris hexacon.fr/trainer/tanda/ Get hands-on experience with virtualization and learn real-world applications and bugs of them! The tickets will be available for purchase soon.

It is amazing to see someone taking a class and then making stellar output by extending what they learned in the class. Obviously, @_jaelkoh dedication was the key, but also, @saidelike must have done a fabulous job helping his students learn and get started. Very cool.

AMD APM has been updated for the first time in over a year. docs.amd.com/v/u/en-US/2459…

Looks like a cool project. Do not be confused with NOVA Microhypervisor, which is another fabulous project: github.com/udosteinberg/N…

The embargo (12:00 UTC 2025-06-10) is over, let's start a thread on Hydroph0bia (CVE-2025-4275), a trivial SecureBoot and FW updater signature bypass in almost any Insyde H2O-based UEFI firmware used since 2012 and still in use today. English writeup: coderush.me/hydroph0bia-pa…

Excellent write-up on stealth hooking with hypervisors on the Intel processors. It discusses two different approaches in detail with actual implementations you can play with.

Our talk at #BHUSA @BlackHatEvents Briefings has been accepted! This is a presentation on an initiative to make the BIOS usable even after the OS has booted, enabling malbehavior to occur solely within the BIOS, independent of the OS. blackhat.com/us-25/briefing…

The best talk I have been in a while

Just wrapped up teaching my hypervisor development class. Always refreshing to work with sharp folks from diverse backgrounds—and rewarding to help them get started. The next class will be in person at @hexacon_fr. Check out the conference page if you're interested.

The registration is open now. See you in Paris!

My talk about the recent SMM architecture and security at @TheSAScon : youtube.com/watch?v=AIGj6Q… The conference was well organized and had plenty of networking opportunities. Though, the best thing was the venue :) It is at a beautiful resort again this year, so you will love it.

This is like "VT-x 101". The essence of HW-assisted VT, everything needed to virtualize Windows on-the-fly, and a bit of security in 2 days. It misses a ton of fun discussions and exercises that are in my 4 days class, but I am giving back to the community that helped me learn.

The Documentation Change file got updated. Thank you @IntelSupport for fixing it quickly!

The new blog post on supervisor shadow stack restrictions / supervisor shadow-stack control tandasat.github.io/blog/2025/04/0…

Intel SDM rev 87 was out. Updates? Good luck with diffing 5000+ pages of PDF files. @intel forgot to update the Documentation Changes file.

Nice to see Intel and MSFT's posts on VT-rp / HVPT. If you are interested in playing with the feature, simple example code is here: github.com/tandasat/Hello…

Excellent post on Samsung's hypervisor! I did not know they too were transitioning to Rust. Good move.

You can now jailbreak your AMD CPU! 🔥We've just released a full microcode toolchain, with source code and tutorials. bughunters.google.com/blog/542484235…

🌟 Microsoft is Getting Rusty: A Review of Successes and Challenges - a Talk from Rust Nation UK 2025 - Mark Russinovich, CTO, Deputy CISO, and Technical Fellow for Microsoft Azure youtu.be/1VgptLwP588?si…