[Dailydave] The sky's downward trajectory
endrazine
endrazine at gmail.com
Mon Feb 19 13:27:33 EST 2007
Hi dear readers,
Rhys Kidd a écrit :
>
> So what does Microsoft provide to make this more secure?
>
> Firstly the push by Michael Howard et al to get ASLR implemented in
> Vista beta 2 and above means the addresses within ntdll.dll are going
> to be somewhat random, thereby making reliable use of this technique
> difficult. NX bit based defenses really should be implemented
> hand-in-hand with some form of memory randomisation, as was documented
> by the PaX project.
>
Put me in my place if I'm wrong, but adresses are only randomized once
at boot up, making the Vista randomization far less effective than a run
time randomization a la PaX. Well, at least, thats what I understood
from the Microsoft TechDays in Paris 2 weeks ago.
> Secondly, as Dave mentioned setting "AlwaysOn" in boot.ini should
> prevent DEP from being disabled on a per-process basis.
>
> HTH.
> Rhys
>
Regards,
endrazine-
More information about the Dailydave
mailing list