ASLR bypass flaws have been in the news lately; I read about one in Internet Explorer that Microsoft will not patch.
What are the best ways to improve Web browser security and prevent falling victim to ASLR bypass vulnerabilities?
Microsoft has made significant advances in securing Windows in the last 10-plus years, and one of the significant improvements was adding address space layout randomization (ASLR). ASLR "is a memory-protection process for operating systems that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory." It is one of the key operating system protections for software with vulnerabilities, but it does not mitigate all potential vulnerabilities.
In 2014, Microsoft introduced ASLR features called Isolated Heap and MemoryProtection, but they did not address all potential ways memory can be exploited as part of an attack. These two new memory protections required Microsoft to test their impact on legitimate software and on the operating system, to help determine whether they broke legitimate software or introduced new software defects into the operating system. Given the complexity of ASLR and other memory protections, it is difficult and resource-intensive to implement new protections. The complexity of ASLR also requires Microsoft to do a cost-benefit analysis and understand the overall additional protection for its customer base.
Not all security vulnerabilities are high enough risk to merit the potentially significant resources needed to fix them. This is a very delicate balance, and in the past Microsoft has decided to introduce major security changes in comprehensive service packs or the next version of Windows.
Since 32-bit Internet Explorer is not being patched for the disclosed vulnerability, potential additional protections against an ASLR bypass vulnerability include deploying Microsoft's Enhanced Mitigation Experience Toolkit and running Internet Explorer in a sandbox or secure VM. These protections could also defend against other future vulnerabilities similar to the ASLR bypass flaw. HP TippingPoint also has protections in place for its customers.