Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: On the effectiveness of DEP and ASLR


13 Dec 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
On the effectiveness of DEP and ASLR

Quote:

DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) have proven themselves to be important and effective countermeasures against the types of exploits that we see in the wild today. Of course, any useful mitigation technology will attract scrutiny, and over the past year there has been an increasing amount of research and discussion on the subject of bypassing DEP and ASLR [1,2]. In this blog post we wanted to spend some time discussing the effectiveness of these mitigations by providing some context for the bypass techniques that have been outlined in attack research. The key points that should be taken away from this blog post are:
  • DEP and ASLR are designed to increase an attacker's exploit development costs and decrease their return on investment.
  • The combination of DEP and ASLR is very effective at breaking the types of exploits we see in the wild today, but there are circumstances where they can both be bypassed.
  • Exploits targeting Microsoft and third party vulnerabilities have been created that are capable of bypassing DEP and ASLR in the context of browsers and third party applications.
  • We are currently not aware of any remote exploits that are capable of bypassing DEP and ASLR in the context of in-box Windows services and various other application domains.
  • Knowledge of potential bypass techniques directly informs our future work to improve the robustness and resiliency of DEP, ASLR, and our other mitigation technologies.
On the effectiveness of DEP and ASLR - Security Research & Defense - Site Home - TechNet Blogs

My System SpecsSystem Spec
.

13 Dec 2010   #2

Win7 HP (x64)/Win7 Ultimate (x64)
 
 

Thanks for the informative post Jan.
Have a great day
My System SpecsSystem Spec
Reply

 On the effectiveness of DEP and ASLR




Thread Tools



Similar help and support threads for2: On the effectiveness of DEP and ASLR
Thread Forum
Performance Effectiveness/Memory Usage Performance & Maintenance
Is SAS loosing its effectiveness? System Security
Solved MSE effectiveness ? System Security
PE/COFF Rebasing & ASLR Software
Speedboost effectiveness Performance & Maintenance
Security Firewalls(ease and effectiveness) System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 11:47 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33