I've read a lot of chatter recently around new heap spraying techniques taking advantage of HTML5, specifically...
the research by Peter Van Eeckhoutte. Could you provide an update on this classic security attack technique? How can organizations protect their Web browsers from these new attacks?
Ask the Expert
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous)
There is a variety of heap spraying techniques, but basically, an attacker writes to the heap in memory for a running program, then exploits a different vulnerability to cause the exploit to call the commands in the heap memory. This basically makes it easier to exploit a vulnerability. The heap spray attack technique researched by Peter Van Eeckhoutte allows for reliable exploitation on Internet Explorer 10 and Firefox where malicious code is executed, but doesn't specifically target HTML5, making it more broadly applicable.
In terms of mitigations for this specific exploit, Van Eeckhoutte's attack technique bypasses the default configuration of Microsoft's Enhanced Mitigation Experience Toolkit (EMET). Changing the default EMET settings to address high-memory addresses enables EMET to block the attack, however. Web browser makers have sought to prevent heap spray attacks by implementing additional memory protection controls in recent versions. Web browsers can also be run with least privilege, which makes it more difficult to exploit the vulnerabilities to gain administrator access.
For enterprises, protecting Web browsers from new attacks is similar to protecting against malware, but for Web browser makers, it should be part of their core security development lifecycle. Enterprises should update their security programs to plan for new attack techniques aimed at Web browsers or any software on endpoints, including a way to rapidly push out updates that mitigate new attacks. This should be part of protecting the underlying operating system.
Dig Deeper on Emerging Information Security Threats
Related Q&A from Nick Lewis
IP devices like multifunction printers and faxes may be an attack vector. Expert Nick Lewis explains the vulnerabilities, and how to secure them ...continue reading
AceDeceiver is a Trojan that can install itself on iOS devices without any certificates. Expert Nick Lewis explains how it works, and how enterprises...continue reading
USB Thief, a new type of stealth malware, leaves no trace on air-gapped targets. Expert Nick Lewis explains how the malware works and how enterprises...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.