Windows 7 Architectural and Internal Security Improvements - Address Space Layout Randomization

Address Space Layout Randomization (ASLR) is another defense capability in Windows Vista and Windows 7 that makes it harder for malicious code to exploit a system function. Whenever a Windows Vista or Windows 7 computer is rebooted, ASLR randomly assigns executable images (.dll and .exe files) included as part of the operating system to one of multiple possible locations in memory. This makes it harder for exploitative code to locate and therefore take advantage of functionality inside the executables. Windows Vista and Windows 7 also introduce improvements in heap buffer overrun detection that are even more rigorous than those introduced in Windows XP SP2. When signs of heap buffer tampering are detected, the operating system can immediately terminate the affected program, limiting damage that might result from the tampering. This protection technology is enabled for operating system features, including built-in system services, and can also be leveraged by Independent Software Vendors (ISVs) through a single API call.

Source of Information : Windows 7 Resource Kit 2009 Microsoft Press

No comments:

Cloud storage is for blocks too, not just files

One of the misconceptions about cloud storage is that it is only useful for storing files. This assumption comes from the popularity of file...