Exploit Mitigation Improvements In Windows 8

Discussion in 'other security issues & news' started by Hungry Man, Nov 8, 2012.

Thread Status:
Not open for further replies.
  1. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Very good read HM, thanks for the link, some great improvements in Windows 8. Also worth nothing is the improvements in the 64bit build over the 32bit build of Windows 8, it's not just isolated to entropy.

    Interesting quote:
    This seems to hold true with what we've been seeing, less OS exploits and more program exploits.

    I am, however, beginning to loose track of all the acronyms! :s
     
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Yeah, it's one of the clearer reports I've seen.

    There are definitely very few OS exploits over the last few years due to the recent changes and MS is ensuring that that continues with Windows 8. The nice thing is that these techniques can all be used by programs and the information leaks being removed will help every program, not just the OS.

    Still, Vupen broke IE10 (not Enhanced Protected Mode but that's less relevant since this is about memory protection) so there's clearly still work to be done. I'm wondering what they used.

    My guess is that information leaks are going to be valued much higher now and we'll be seeing many more of them.
     
  4. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Well as you know it's a cat and mouse game not a winning game, there never stops being work to be done.
     
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    True. Without details it's a bit of a pain to speculate.

    For example if this were simply some data disclosure but I'd say Microsoft is on the "winning side" but if it's another issue like UserSharedData allowing for generic ASLR bypasses I'd say it's a more serious issue.
     
Loading...
Thread Status:
Not open for further replies.