Windows core security bypassed by hackers

White hackers has built reliable exploits of two of the core security mitigations included in the most recent releases of Windows, including Windows 7 and Windows Vista. “both the attacks that bypass DEP and ASLR use Adobe Flash as a vector of attack. Security researcher Dionysus Blazakis, leveraged the just-in-time compiler in Flash in order […]
White hackers has built reliable exploits of two of the core security mitigations included in the most recent releases of Windows, including Windows 7 and Windows Vista. “both the attacks that bypass DEP and ASLR use Adobe Flash as a vector of attack. Security researcher Dionysus Blazakis, leveraged the just-in-time compiler in Flash in order to put large portions of identical shell code in the memory of the attacked machine. The technique then allowed the white hacker to render ASLR virtually useless, and estimate the position of executable images of .EXE and .DLL files. Such an action would be extremely difficult to perform under normal conditions, since ASLR is designed to randomize the position of executable images in the computer’s memory,” reports The Register.