It looks like Microsoft released a new version of EMET: http://blogs.technet.com/b/srd/archive/2011/05/18/new-version-of-emet-is-now-available.aspx.
Does anyone know what the “Bottom-up Rand” is mitigating? Perhaps threats that use a loose process DACL (VM_PROCESS_READ, VM_PROCESS_WRITE and friends) [1] combined with deterministic base addresses? Jeff [1] http://msdn.microsoft.com/en-us/library/ms684880(v=vs.85).aspx _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
