At the Pwn2Own hacking contest, the vulnerability researchers Peter Vreugdenhil and Nils successfully bypassed two of Windows 7's most vaunted anti-exploit features, DEP (data execution prevention) and ASLR (address space layout randomization), by finding ways to disable or sidestep them.
To outwit ASLR -- which randomly shuffles the positions of key memory areas to make it much more difficult for hackers to predict whether their attack code will actually run -- Vreugdenhil used a heap overflow vulnerability that allowed him to obtain the base address of a .dll module that IE8 loads into memory. He then used that to run his DEP-skirting exploit.
DEP, which Microsoft introduced in 2004 with Windows XP Service Pack 2, prevents malicious code from executing in sections of memory not intended for code execution and is a defense against, among other things, buffer-overflow attacks.
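Both mitigations are opt-in per module: a Windows image declares them in the DllCharacteristics field of its PE optional header (IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE for ASLR, IMAGE_DLLCHARACTERISTICS_NX_COMPAT for DEP). A DLL built without DYNAMIC_BASE is loaded at its fixed preferred base address, which is exactly the kind of predictable module the ASLR bypass described above takes advantage of, so auditing loaded modules for these flags is a standard defensive check. The following parser is an added example written for this article, not code from the contest or from Microsoft; the flag values and header offsets are from the PE specification, and the sample headers it builds are constructed in-line and are not loadable images.

```python
import struct

# IMAGE_DLLCHARACTERISTICS_* bits from the PE optional header (values from winnt.h)
DYNAMIC_BASE = 0x0040      # image may be relocated at load time: opts in to ASLR
NX_COMPAT = 0x0100         # image declares compatibility with DEP (no-execute pages)
HIGH_ENTROPY_VA = 0x0020   # 64-bit image can use the full high-entropy address space


def pe_mitigations(data: bytes) -> dict:
    """Return which exploit mitigations a PE image opts in to via DllCharacteristics."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)   # offset of the PE signature
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image: bad PE signature")
    opt = e_lfanew + 24                          # 4-byte signature + 20-byte COFF header
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    # DllCharacteristics sits at offset 70 in both the PE32 and the PE32+ optional header
    (dllchar,) = struct.unpack_from("<H", data, opt + 70)
    return {
        "pe32plus": magic == 0x20B,
        "aslr": bool(dllchar & DYNAMIC_BASE),
        "dep": bool(dllchar & NX_COMPAT),
        "high_entropy": bool(dllchar & HIGH_ENTROPY_VA),
    }


def build_sample_header(dllchar: int, pe32plus: bool = False) -> bytes:
    """Constructed minimal DOS + PE header carrying the given DllCharacteristics.
    It is just enough for pe_mitigations() to parse; it is not a loadable image."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)       # e_lfanew: PE header right after the DOS header
    opt_size = 240 if pe32plus else 224
    machine = 0x8664 if pe32plus else 0x14C     # AMD64 or i386
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics (EXECUTABLE | 32BIT | DLL)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, opt_size, 0x2102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B if pe32plus else 0x10B)   # Magic
    struct.pack_into("<H", opt, 70, dllchar)                       # DllCharacteristics
    return bytes(dos) + coff + bytes(opt)


def scan_file(path: str) -> dict:
    """Check a real module on disk, e.g. a DLL shipped with an application."""
    with open(path, "rb") as f:
        return pe_mitigations(f.read())


def report(name: str, data: bytes) -> str:
    """One-line verdict naming any of the two mitigations the module does not opt in to."""
    m = pe_mitigations(data)
    missing = [k.upper() for k in ("aslr", "dep") if not m[k]]
    if not missing:
        return "%s: opts in to ASLR and DEP" % name
    return "%s: missing %s" % (name, " and ".join(missing))


if __name__ == "__main__":
    # Constructed samples: a legacy module with no flags and a hardened 64-bit one.
    print(report("legacy.dll (constructed)", build_sample_header(0)))
    print(report("hardened.dll (constructed)",
                 build_sample_header(DYNAMIC_BASE | NX_COMPAT | HIGH_ENTROPY_VA, pe32plus=True)))
```

Run `scan_file()` over the modules a process actually loads (for a browser, that includes third-party plugins) to find any that lack DYNAMIC_BASE or NX_COMPAT; even one such module reintroduces a fixed address the system-wide randomization cannot protect.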
Nils also sidestepped ASLR and DEP to exploit the newest version of Mozilla Firefox. Officials from the respective companies were present at the event and were briefed on the flaws. The bugs will be made public only once they have been fixed by the respective organizations.
Full download of the PDF paper: Here