Slashdot Mirror

← Back to Stories (view on slashdot.org)

Defeating XP SP2 Heap Protection

Posted by michael on Saturday January 29, 2005 @11:57AM from the secure-by-design dept.

hobo2k writes "XP SP2 included canary values and hardware-implemented execution protection in order to avoid exploitable buffer overruns. Now Positive Technologies has released an article describing one way that protection could be bypassed. To solve the problem, they provide a program which disables the small allocation heap as described here. CNET reports that SP2 has been foiled."

2 of 242 comments (clear)

Min score:

Reason:

Sort:

Re:Fixed Quickly? by Anonymous Coward · 2005-01-29 13:19 · Score: 0, Flamebait

Stop trolling, there have been plenty of Linux kernel exploits. You'd think they could develope secure OS layer code considering you've got all those "eyes" looking at the code.
Merit? by gmuslera · 2005-01-29 14:15 · Score: 0, Flamebait

Whats the merit of a paper speaking over defeating some windows technology "protection"? You just need to sneeze over a windows machine and it become infected by some virus, come on.
I suppose that the real merit is not how to defeat it, but how fix it, maybe the article should have been titled "Fixing the XP SP2 Heap Protection",