Windows Vista to get Address Space Layout Randomization (ASLR)

I've wanted to mention this for a while, but haven't had the time.

Michael Howard writes about "a new defense against buffer overrun exploits called address space layout randomization" (ASLR) that is included in Windows Vista Beta 2. He also indicates that "it’s on by default too". Does this mean that it is possible to disable it? And if so will the ability to disable it make its way to the final release of Vista?

It seems that ASLR, combined with other strategies, will result in some significant improvements to the security of the Windows Vista platform. And personally, I don't see how it is relevant that various *nixz may have had this feature for a while. It just lends credibility to the decision to add the feature to Vista, I suppose.


No comments: