Your Ad Here Your Ad Here
Results 1 to 2 of 2

Thread: Windows Vista, ASLR, DEP and OEMs

  1. #1
    peat moss's Avatar Software Farmer BT Rep: +15BT Rep +15BT Rep +15
    Join Date
    May 2003
    Location
    Delta B.C. Canada
    Posts
    10,816
    As I mentioned in a previous series of posts, we recently had all the major OEMs on campus to discuss SDL and how we can work together. My big ask of the OEMs (actually, I grovelled, it was pathetic) was to enable DEP/NX in the BIOS by default on all their shipping PCs in time for Windows Vista.

    The reason for this ask is pretty simple, for ASLR to be effective, DEP/NX must be enabled by default too.

    Here's the good news, I found out yesterday that all the major OEMs (you know who they are!) have agreed to not disable DEP/NX in their BIOSs by default .

    Source: http://blogs.msdn.com/michael_howard...-and-oems.aspx

  2. News (Archive)   -   #2
    peat moss's Avatar Software Farmer BT Rep: +15BT Rep +15BT Rep +15
    Join Date
    May 2003
    Location
    Delta B.C. Canada
    Posts
    10,816
    ASRL = Address Space Layout Randomization in Windows Vista

    Windows Vista Beta 2 includes a new defense against buffer overrun exploits called address space layout randomization. Not only is it in Beta 2, it’s on by default too. Now before I continue, I want to level set ASLR. It is not a panacea, it is not a replacement for insecure code, but when used in conjunction with other technologies, which I will explain shortly, it is a useful defense because it makes Windows systems look “different” to malware, making automated attacks harder.


    Link :

    http://blogs.msdn.com/michael_howard...ows-vista.aspx

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •