I've read a lot of chatter recently around new heap spraying techniques taking advantage of HTML5, specifically the research by Peter Van Eeckhoutte. Could you provide an update on this classic security attack technique? How can organizations protect their Web browsers from these new attacks?
There are a variety of heap spraying techniques, but in essence an attacker writes to the heap in memory of a running program, then exploits a different vulnerability to make the program call the commands placed in heap memory. This makes it easier to exploit a vulnerability. The heap spray attack technique researched by Peter Van Eeckhoutte allows for reliable exploitation, with malicious code executed, on Internet Explorer 10 and Firefox, but it doesn't specifically target HTML5, which makes it more broadly applicable.
In terms of mitigations for this specific exploit, Van Eeckhoutte's attack technique bypasses the default configuration of Microsoft's Enhanced Mitigation Experience Toolkit (EMET). However, changing the default EMET settings to address high-memory addresses enables EMET to block the attack. Web browser makers have also sought to prevent heap spray attacks by implementing additional memory protection controls in recent versions. In addition, Web browsers can be run with least privilege, which makes it more difficult to exploit the vulnerabilities to gain administrator access.
For enterprises, protecting Web browsers from new attacks is similar to protecting against malware, but for Web browser makers, it should be part of their core security development lifecycle. Enterprises should update their security programs to plan for new attack techniques aimed at Web browsers or any software on endpoints, including a way to rapidly push out updates that mitigate new attacks. This should be part of protecting the underlying operating system.