An Interest In:
Web News this Week
- April 20, 2024
- April 19, 2024
- April 18, 2024
- April 17, 2024
- April 16, 2024
- April 15, 2024
- April 14, 2024
November 17, 2017 10:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/zY587n7zMf4/windows-8-and-later-fail-to-properly-apply-aslr
Windows 8 and Later Fail To Properly Apply ASLR
An anonymous reader writes: Windows 8, Windows 8.1, and subsequent Windows 10 variations fail to properly apply ASLR, rendering this crucial Windows security feature useless. The bug appeared when Microsoft changed a registry value in Windows 8 and occurs only in certain ASLR configuration modes. Basically, if users have enabled system-wide ASLR protection turned on, a bug in ASLR's implementation on Windows 8 and later will not generate enough entropy (random data) to start application binaries in random memory locations. For ASLR to work properly, users must configure it to work in a system-wide bottom-up mode. An official patch from Microsoft is not available yet, but a registry hack can be applied to make sure ASLR starts in the correct mode. The bug was discovered by CERT vulnerability analyst Will Dormann while investigating a 17-years-old bug in the Microsoft Office equation editor, to which Microsoft appears to have lost the source code and needed to patch it manually.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/zY587n7zMf4/windows-8-and-later-fail-to-properly-apply-aslr
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot