Microsoft defends Windows 10 against ASLR criticism

Is it a bug or a feature? It’s one of the oldest debates in software.

Earlier this month the OS world was treated to the latest instalment, this time focusing on the way Microsoft implemented a low-level security protection called Address Space Layout Randomization (ASLR) in Windows 8 and 10.

On one side of the argument is Will Dormann, an engineer with Carnegie Mellon University’s CERT Coordination Center (CERT/CC), the body tasked by the US Department of Homeland Security with handing out important security advice.

His opening salvo was a tweet on 16 November in which he described the way Windows implements ASLR as “essentially making it worthless.”

Read full news article on Naked Security

 


Date:

Categorie(s):