There's an announcement appearing in many places today regarding the claim by IBM Information Security Systems' Mark Dowd and VMware's Alexander Sotirov that they've discovered a method for completely bypassing Vista's security infrastructure. What I thought was of particular interest is Dowd and Sotirov's claim that their method completely bypasses the Address Space Layout Randomization (ASLR) scheme. For those unfamiliar, ASLR was created to make buffer overrun exploits much more difficult to accomplish by loading the contents of a running program at an unpredictable location, so that an attacker can no longer count on a fixed address to aim at. For an overview of buffer overflow based security attacks, see here.
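
A quick way to see the randomization the post describes in action is to check how many address bits actually change between runs of a program. The script below is an added example, not part of the original post or of Dowd and Sotirov's work; it assumes Python 3 on Linux or macOS, where `ctypes.CDLL(None)` resolves libc's `malloc`, and the 16-bit "weak" cutoff is a rule-of-thumb assumption, not a published figure.

```python
"""Added example: measure how many address bits ASLR randomizes on this host.

Each run of CHILD_PROBE is a fresh process that reports where libc's malloc
landed, so any difference between runs comes only from the loader's
randomization. Assumes Python 3 on Linux/macOS (ctypes.CDLL(None) finds malloc).
"""
import subprocess
import sys

CHILD_PROBE = (
    "import ctypes; libc = ctypes.CDLL(None); "
    "print(ctypes.cast(libc.malloc, ctypes.c_void_p).value)"
)


def varying_bits(addresses):
    """Count the address bits that differ across samples of the same symbol.

    Bits that never change are a fixed target for an overrun exploit; bits
    that do change must be guessed. With few samples this is a lower bound
    on the randomization entropy, never an overestimate."""
    if len(addresses) < 2:
        raise ValueError("need at least two samples")
    mask = 0
    for addr in addresses[1:]:
        mask |= addr ^ addresses[0]
    return bin(mask).count("1")


def assess(addresses, weak_threshold=16):
    """Classify the observed randomization: ('none' | 'weak' | 'ok', bits).

    weak_threshold is an assumed rule of thumb: below it, repeated guessing
    of the load address is cheap enough to be practical."""
    bits = varying_bits(addresses)
    if bits == 0:
        return "none", bits
    if bits < weak_threshold:
        return "weak", bits
    return "ok", bits


def sample_addresses(runs=16):
    """Spawn `runs` fresh interpreters and collect malloc's address from each."""
    addrs = []
    for _ in range(runs):
        proc = subprocess.run([sys.executable, "-c", CHILD_PROBE],
                              capture_output=True, text=True, check=True)
        addrs.append(int(proc.stdout))
    return addrs


if __name__ == "__main__":
    samples = sample_addresses()
    verdict, bits = assess(samples)
    print(f"{len(samples)} runs, {bits} address bits varied: randomization {verdict}")
```

Running it on a machine with ASLR disabled reports zero varying bits, which is exactly the situation a bypass aims to recreate for the attacker.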

Security through randomization was precisely the subject of my master's thesis. I wish I could find some technical write-up of their method.

Author: ddini
Categories: Uncategorized