Windows Vista Beta 2, released last week, includes a new security feature designed to protect against buffer overrun exploits. Called Address Space Layout Randomization (ASLR), the feature loads key system files in different memory locations each time the PC starts, making it harder for malicious code to run, according to Microsoft. “It is not a panacea, it is not a replacement for insecure code,” Michael Howard, a senior security program manager at Microsoft, wrote in a blog post announcing the feature.<\/p>\n","protected":false},"excerpt":{"rendered":"
Several open-source security systems use it already, including OpenBSD, and the PaX and Exec Shield patches for Linux.<\/p>\n
Certain attacks attempt to call Windows system functions, such as the “socket()” function in “wsock32.dll,” to open a network socket.<\/p>\n
Randomization seems to have served open-source systems fairly well, said Russ Cooper, senior scientist at Cybertrust, a security vendor in Herndon, Va. “I suspect this will be the first thing looked for–something which tells you which of the locations has been chosen, or anything that provides you with a pointer,” Cooper said. Attackers could also create malicious software that tries to poke at all 256 memory locations.<\/p>\n
http:\/\/ct.zdnet.com\/clicks?t=2480243-800b8f382c23b3407752a20ab3416b11-bf&s=5&fs=0<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1491","post","type-post","status-publish","format-standard","hentry","category-product"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1491","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1491"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1491\/revisions"}],"predecessor-version":[{"id":3978,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1491\/revisions\/3978"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1491"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1491"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1491"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}