Hacker Bypasses Windows 7/8 Address Space Layout Randomization
hypnosec writes "Microsoft upped its security ante with Address Space Layout Randomization (ASLR) in Windows 7 and Windows 8, but it seems this mechanism to prevent hackers from jumping to a known memory location can be bypassed. A hacker has released a brilliant, yet simple trick to circumvent this protection. KingCope, a hacker who released several exploits targeting MySQL in December, has detailed a mechanism through which the ASLR of Windows 7, Windows 8 and probably other operating systems can be bypassed to load a DLL file with malicious instructions to a known address space."
Especially since MS has gone to a lot of trouble to hire a small army of some of the best brains in maths, security, computer science and a number of other scientific disciplines, and yet even these brainy overachievers overlooked this simple trick.
They've also hired such guys to come up with Windows 8 in the first place. And Windows 7. And Windows Vista. And... you get the idea.