diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)


Importance Of Data Execution Prevention and Address Space Layout Randomization Mitigation Technologies

The mitigation technologies like DEP, ASLR, and others like them (SEHOP, GS, etc) are designed to make it more difficult for attackers to reliably exploit software vulnerabilities. In practice, effectiveness of DEP and ASLR is heavily dependent on how completely each mitigation tech has been enabled by an app. Failing to completely enableing leaves low-hanging fruit that an attacker can use to their advantage when developing an exploit.

This point was most recently illustrated in exploit written for Adobe Reader (CVE-2010-2883) where attackers took advantage of a DLL that hadn’t opted-in to ASLR. Following examples show importance of fully enabling mitigations:


Share This Story, Choose Your Platform!

Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...