On Thu, Dec 23, 2010 at 6:20 PM, Larry Seltzer <[email protected]> wrote:
> http://blogs.pcmag.com/securitywatch/2010/12/exploit_for_unpatched_ie_vulne.php
>
> http://blogs.pcmag.com/securitywatch/2010/12/ie_0-day_shows_microsoft_devel.php
>
> In case you hadn’t heard, there was an IE 0-day which, because a particular
> DLL was linked without /DYNAMICBASE, can bypass ASLR and DEP.
>
> MS says there’s no reason not to use EMET to rebase the DLL, so I ask why
> they didn’t make it that way to begin with. Turns out /DYNAMICBASE isn’t
> really required by the SDL. Shouldn’t it be required unless you have a damn
> good reason not to use it? Something’s wrong with this picture.
>
In 'Writing Secure Code for Windows Vista', Howard and LeBlanc
dedicate 4 pages to ASLR. In their "Call for Action" (page 72), they
state all software should use ASLR, Heap Defenses, NX, /GS, and
SafeSEH. I wonder what else was not followed.

Jeff

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
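
Added example, not part of the original thread: one way to audit whether a DLL was linked with /DYNAMICBASE (ASLR) and /NXCOMPAT (DEP) is to read the DllCharacteristics field of its PE optional header. The function names and the `fake_pe` sample builder are hypothetical, and the sample image is constructed for illustration.

```python
import struct
import sys

# DllCharacteristics bits from the PE/COFF optional header
DYNAMIC_BASE = 0x0040  # set by /DYNAMICBASE: image opts in to ASLR
NX_COMPAT = 0x0100     # set by /NXCOMPAT: image opts in to DEP

def dll_characteristics(image: bytes) -> int:
    """Return the DllCharacteristics field of a PE32 or PE32+ image."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = e_lfanew + 4 + 20  # skip the signature and the 20-byte COFF header
    if len(image) < opt + 72:
        raise ValueError("truncated optional header")
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # The field sits at offset 70 in both PE32 and PE32+ layouts.
    (flags,) = struct.unpack_from("<H", image, opt + 70)
    return flags

def missing_mitigations(image: bytes) -> list:
    """List the linker opt-ins the image lacks."""
    flags = dll_characteristics(image)
    checks = ((DYNAMIC_BASE, "/DYNAMICBASE"), (NX_COMPAT, "/NXCOMPAT"))
    return [name for bit, name in checks if not flags & bit]

def fake_pe(flags: int, magic: int = 0x10B) -> bytes:
    """Constructed sample: header-only image holding just the fields read above."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0xE0, 0x2102)
    optional = struct.pack("<H", magic) + b"\0" * 68 + struct.pack("<H", flags)
    return dos + b"PE\0\0" + coff + optional

if __name__ == "__main__":
    # Usage: python check_pe.py file1.dll file2.dll ...
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            data = fh.read(4096)  # headers live at the start of the file
        try:
            missing = missing_mitigations(data)
        except ValueError as exc:
            print(f"{path}: not a PE image ({exc})")
            continue
        print(f"{path}: {'missing ' + ', '.join(missing) if missing else 'ok'}")
```

This only covers the two header opt-in bits; SafeSEH and /GS, which the reply also mentions, are not recorded in DllCharacteristics and need separate checks.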
