Windows 7 Architectural and Internal Security Improvements - Address Space Layout Randomization

Address Space Layout Randomization (ASLR) is another defense capability in Windows Vista and Windows 7 that makes it harder for malicious code to exploit a system function. Whenever a Windows Vista or Windows 7 computer is rebooted, ASLR randomly assigns executable images (.dll and .exe files) included as part of the operating system to one of multiple possible locations in memory. This makes it harder for exploitative code to locate and therefore take advantage of functionality inside the executables. Windows Vista and Windows 7 also introduce improvements in heap buffer overrun detection that are even more rigorous than those introduced in Windows XP SP2. When signs of heap buffer tampering are detected, the operating system can immediately terminate the affected program, limiting damage that might result from the tampering. This protection technology is enabled for operating system features, including built-in system services, and can also be leveraged by Independent Software Vendors (ISVs) through a single API call.

Source of Information : Windows 7 Resource Kit 2009 Microsoft Press

No comments:

The many complications and risks of tape

Magnetic tape technology was adopted for backup many years ago because it met most of the physical storage requirements, primarily by being ...