A security feature used in the open-source world is now helping to harden Windows Vista against buffer overrun exploits.
Microsoft has quietly fitted the feature, called ASLR (Address Space Layout Randomization), in Windows Vista Beta 2 as part of a larger plan to make it more difficult to automate attacks against the operating system.
"Not only is it in Beta 2, it's on by default too," said Michael Howard, senior security program manager at Microsoft, in a blog entry announcing the news.
"We added ASLR pretty late in the game, but we decided that adding it to beta 2 and enabling it by default was important so we can understand how well it performs in the field," Howard said.
Howard, who wrote the book on Microsoft's highly-touted SDL (Security Development Lifecycle), stressed that ASLR is not a panacea or a replacement for insecure code but said it could serve as a "useful defense" against malware attacks when used in conjunction with other technologies.
Several open-source security systems (OpenBSD, PaX and Exec Shield) already implement ASLR, which is described as a security feature that randomly arranges the positions of key data areas to prevent malicious hackers from predicting target addresses.
View: Full Article @ EWeek
View: Michael Howard's Blog on ASLR

http://blogs.msdn.com/michael_howard/archi.../26/608315.aspx
In Windows Vista ASLR is enabled by default
"A security feature used in the open-source world..."
Microsoft: Innovation through Imitation.
This updated comment box is very nice indeed, well done staffz0rz!
I think it is good that Microsoft is looking at every possible way to secure their OS, given how frequently attacked they have been (due to marketshare and hideous choices in default configurations - open ports, etc.)
BSD is renowned for security, so this may be helpful to Vista.
EDIT: Oh, and ASLR is available in Linux, it seems. Red Hat and Gentoo seem to have it (it is part of ExecShield or PaX). I didn't google for any other distros, but franzon is free to google it for himself.
Last edited by markjensen on 31 May 2006 - 12:50
I think it is good that Microsoft is looking at every possible way to secure their OS, given how frequently attacked they have been (due to marketshare and hideous choices in default configurations - open ports, etc.)
BSD is renowned for security, so this may be helpful to Vista.
EDIT: Oh, and ASLR is available in Linux, it seems. Red Hat and Gentoo seem to have it (it is part of ExecShield or PaX). I didn't google for any other distros, but franzon is free to google it for himself.
yeah I was just trying to figure out if he was flaming against free linux distros or vista.... it wasn't very clear
In Hardened Gentoo you have to compile the kernel by yourself to apply that patch, and this is not simple and there are many incompatibility problems.
Sounds easy enough for "conventional users" to me.
Sounds easy enough for "conventional users" to me.
not when you have to reboot for almost every single update... Vista is said to fix that but we'll see...
Here, download the latest RHEL, yourself. Free of charge and legal: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/4/en/os/
Quit splitting hairs over Vista, which is not at all freely downloadable.