US CERT issues warning on ASLR vulnerability in Windows

Date: 2017-11-23

US CERT has issued a warning on a vulnerability in Windows' Address Space Layout Randomisation (ASLR) that affects Windows 8, Windows 8.1, and Windows 10 and could allow an attacker to take control of an affected system.

CERT's Will Dormann wrote in Vulnerability Note #817544 that both the Enhanced Mitigation Experience Toolkit (EMET) and Windows Defender Exploit Guard enable system-wide ASLR without also enabling system-wide bottom-up ASLR. ASLR is designed to prevent code-reuse attacks by loading modules at non-predictable addresses. However, the Windows Defender Exploit Guard GUI shows a default setting of "On by default" that does not reflect the underlying registry value (unset), resulting in programs being relocated to the same address even after the computer is rebooted.

“Windows 8 and newer systems that have system-wide ASLR enabled via EMET or Windows Defender Exploit Guard will have non-DYNAMICBASE applications relocated to a predictable location, thus voiding any benefit of mandatory ASLR. This can make exploitation of some classes of vulnerabilities easier,” Dormann wrote.

There is no solution at this time, but Microsoft is investigating the issue.
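Because the note concerns non-DYNAMICBASE applications, a defender can inventory which images fall into that class by reading the DllCharacteristics field of each PE header. The following is an added example, not code from the article or from CERT; the function names and the sample header bytes are constructed for illustration.

```python
import struct

# Flags in the PE optional header's DllCharacteristics field.
DYNAMIC_BASE = 0x0040      # image opts in to ASLR (linked with /DYNAMICBASE)
HIGH_ENTROPY_VA = 0x0020   # 64-bit image opts in to high-entropy ASLR

def aslr_flags(image: bytes) -> dict:
    """Read the ASLR opt-in flags from the headers of a PE image."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ header")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)        # e_lfanew
    opt = pe_off + 24            # 4-byte signature + 20-byte COFF header
    if opt + 72 > len(image) or image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE image: bad or truncated PE header")
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B):                          # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # DllCharacteristics is at offset 70 in both PE32 and PE32+ headers.
    (chars,) = struct.unpack_from("<H", image, opt + 70)
    return {
        "pe32_plus": magic == 0x20B,
        "dynamic_base": bool(chars & DYNAMIC_BASE),
        "high_entropy_va": bool(chars & HIGH_ENTROPY_VA),
    }

def classify(image: bytes) -> str:
    """Label an image by whether it depends on mandatory ASLR to be moved."""
    if aslr_flags(image)["dynamic_base"]:
        return "opts in to ASLR"
    return "non-DYNAMICBASE: relocated only by mandatory ASLR"

def make_sample(dll_chars: int, magic: int = 0x20B) -> bytes:
    """Constructed header-only sample for the demo (not a loadable binary)."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)      # e_lfanew = 0x40
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, 70, dll_chars)
    return dos + b"PE\0\0" + bytes(20) + bytes(opt)

if __name__ == "__main__":
    samples = {
        "modern64.exe": make_sample(0x0160),         # NX + DYNAMICBASE + HEVA
        "legacy32.exe": make_sample(0x0100, 0x10B),  # NX only, no DYNAMICBASE
    }
    for name, data in samples.items():
        print(f"{name}: {classify(data)}")
```

To check real binaries, pass the first few kilobytes of each file to `classify` in place of the constructed samples.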

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition