Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows Core Security Mitigations Bypassed.

04 Feb 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Windows Core Security Mitigations Bypassed.

Quote:
White hackers has built reliable exploits of two of the core security mitigations included in the most recent releases of Windows, including Windows 7 and Windows Vista. Security researchers have put together attacks against Windows security measures and managed to circumvent the added protection delivered by Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR). Both Vista and Windows 7 feature DEP and ASLR and so far the two security mitigations have held their own against attacks, making exploits targeting Vista and Windows 7 difficult enough to discourage attackers from even trying. Vista has a proven track record of delivering more protection to end users compared to Windows XP, being impacted by far less vulnerabilities. Windows 7, released for the general public barely three months ago, has yet to prove itself.

According to The Register, both the attacks that bypass DEP and ASLR use Adobe Flash as a vector of attack. Security researcher Dionysus Blazakis, leveraged the just-in-time compiler in Flash in order to put large portions of identical shell code in the memory of the attacked machine. The technique then allowed the white hacker to render ASLR virtually useless, and estimate the position of executable images of .EXE and .DLL files. Such an action would be extremely difficult to perform under normal conditions, since ASLR is designed to randomize the position of executable images in the computerís memory.
Source -
Windows Core Security Mitigations Bypassed by White Hackers - ASLR and DEP - Softpedia


My System SpecsSystem Spec
.

Reply

 Windows Core Security Mitigations Bypassed.




Thread Tools





Similar help and support threads
Thread Forum
Windows 7: how to stop parent control being bypassed?
I have an old Dell XPS430 desktop running Windows 7 and my teenage son uses to play online games. Lately, I notice that he's been doing it excessively, sometimes staying up well past midnight which caused him missing school lesssons in the morning. To limite his time on the computer, I set up...
System Security
Security firm: We have bypassed Microsoft's IE6-8 "Fix it" patch
Source A Guy
Security News
Intel Gives Core i3, Core i5 Dual-Core Processors K0 Stepping Update
more..
News
German beer blasts hole through Apple's security core
German beer blasts hole through Apple's security core - The Local
Chillout Room
Windows 7's default UAC bypassed by 8 out of 10 malware
Windows 7's default UAC bypassed by 8 out of 10 malware samples | Zero Day | ZDNet.com
News
Internet Explorerís ActiveX Security Mitigations in Use
More...
News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 00:25.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App