Technology news and Jobs 
Information Technology News Vista "no silver bullet" says Symantec
Information Technology News Vista "no silver bullet" says Symantec | Vista "no silver bullet" says Symantec |
|
| by Stephen Withers | |
| Thursday, 01 March 2007 | |
|
Page 1 of 2   
Featured Whitepaper
5 Best Practices for Smartphone Support
But other technologies don't automatically materialise with Vista - it's up to developers to take advantage of them by either rewriting their code or in some cases recompiling it with Microsoft's latest developer tools. Until applications are updated to take advantage of them, the vulnerabilities will remain. A few Vista components do not yet fully utilise the available technologies. Furthermore, the implementation of at least of these technologies is flawed. Address Space Layout Randomisation (ASLR) is supposed to randomly locate programs in memory, making it harder for an attacker to target memory corruption or manipulation vulnerabilities. Symantec has determined that randomness is far from uniform, and certain addresses are far more likely to be used than others, increasing the probability of successfully guessing the location. This problem should be fixed in Vista SP1, but there's more.
|
| < Next story in category | Previous story in the category > |
|---|
