IE8 RTW anti-malware protection with SmartScreen Filter; bulletproofed against .NET, DEP and ASLR Bypass

The gold version of Internet Explorer 8 (download) was bulletproofed against techniques designed to attack Internet Explorer 7 by leveraging inconsistencies in Windows Vista's memory protection mechanisms. Sotirov and Dowd managed to circumvent DEP and ASLR via .NET framework DLL’s that were used for memory page allocation in relation to predictable locations within the iexplore.exe […]

The gold version of Internet Explorer 8 (download) was bulletproofed against techniques designed to attack Internet Explorer 7 by leveraging inconsistencies in Windows Vista's memory protection mechanisms. Sotirov and Dowd managed to circumvent DEP and ASLR via .NET framework DLL’s that were used for memory page allocation in relation to predictable locations within the iexplore.exe process. Jonathan Ness explained that the bypass was no longer valid with the copy of Internet Explorer 8 released to web on March 19, 2009.

IE8 SmartScreen filter helps to prevent phishing and malware attacks. Here are some real-world key statistics: delivered over 10 million malware blocks in the past six months; that’s a block for one out of 40 users, every week; we’ve seen (and blocked) one in every 200 downloads as malicious, reveals IE Blog.