Newsletter Archives

• US-CERT Warns of ASLR Implementation Flaw in Windows 8/8.1 and Windows 10

  Posted on November 21, 2017 at 13:28 CST by PKCano • Comment in the Forums

  The U.S. Computer Emergency Readiness Team is warning of a vulnerability in Microsoft’s implementation of Address Space Layout Randomization that affects Windows 8, Windows 8.1 and Windows 10. The vulnerability could allow a remote attacker to take control of an affected system.

  Microsoft said it is investigating the matter.

  Address Space Layout Randomization (ASLR) is championed as a system hardening technology used in most major desktops and mobile operating systems. ASLR is used to thwart memory-based code-execution attacks. iOS, Android, Windows, macOS and Linux each use ASLR to keep systems safer.

  Read the complete warning here.

  Catalin Cimpanu on bleepingcomputer.com offers a further explanation of the vulnerability and a workaround until Microsoft provides the fix.

  @MrBrian first brought this to our attention on Novemver 17, 2017.
  Please Click here to Comment in the Lounge

  Other, Windows Patches/Security ASLR, US-CERT, Windows 10, Windows 8/8.1, Windows vulnerability

• Substantial security improvements coming to Microsoft Edge

  Posted on February 24, 2017 at 08:40 CST by woody • Comment in the Forums

  I’m as skeptical as the next guy – moreso, actually – but I’m impressed by the security enhancements planned for the next version of Edge.

  Matt Miller has an overview here.

  Part 2 should be out shortly.

  Long and short of it:

  Most modern browser exploits attempt to transform a memory safety vulnerability into a method of running arbitrary native code on a target device. This technique is prevalent because it provides the path of least resistance for attackers by enabling them to flexibly and uniformly stage each phase of their attack. For defenders, preventing arbitrary native code execution is desirable because it can substantially limit an attacker’s range of freedom without requiring prior knowledge of a vulnerability. To this end, Microsoft Edge in the Creators Update of Windows 10 leverages Code Integrity Guard (CIG) and Arbitrary Code Guard (ACG) to help break the most universal primitive found in modern web browser exploits: loading malicious code into memory.

  I don’t know how quickly the bad guys will be able to break CIG and ACG, but if they hold up as long as ASLR, it’ll be a significant improvement.

  Windows Patches/Security ACG, ASLR, CIG, Edge

• QuickTime, Picasa, OpenOffice all avoid simple security procedures

  Posted on July 7, 2010 at 05:12 CDT by woody • Comment in the Forums

  I just posted an article on my InfoWorld Tech Watch blog that may be of interest.

  It’s quite disheartening to see how many common software packages don’t use even the simplest system-level antimalware protection.

  Windows News application protection, ASLR, DEP