Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows Core Security Mitigations Bypassed.

04 Feb 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Windows Core Security Mitigations Bypassed.

Quote:
White hackers has built reliable exploits of two of the core security mitigations included in the most recent releases of Windows, including Windows 7 and Windows Vista. Security researchers have put together attacks against Windows security measures and managed to circumvent the added protection delivered by Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR). Both Vista and Windows 7 feature DEP and ASLR and so far the two security mitigations have held their own against attacks, making exploits targeting Vista and Windows 7 difficult enough to discourage attackers from even trying. Vista has a proven track record of delivering more protection to end users compared to Windows XP, being impacted by far less vulnerabilities. Windows 7, released for the general public barely three months ago, has yet to prove itself.

According to The Register, both the attacks that bypass DEP and ASLR use Adobe Flash as a vector of attack. Security researcher Dionysus Blazakis, leveraged the just-in-time compiler in Flash in order to put large portions of identical shell code in the memory of the attacked machine. The technique then allowed the white hacker to render ASLR virtually useless, and estimate the position of executable images of .EXE and .DLL files. Such an action would be extremely difficult to perform under normal conditions, since ASLR is designed to randomize the position of executable images in the computerís memory.
Source -
Windows Core Security Mitigations Bypassed by White Hackers - ASLR and DEP - Softpedia


My System SpecsSystem Spec
.

Reply

 Windows Core Security Mitigations Bypassed.




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 01:31 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33