hypnosec writes: Microsoft upped its security ante with Address Space Layout Randomization (ASLR) in Windows 7 and Windows 8 but, it seems that this mechanism to preventing hackers from jumping to a known memory location can be bypassed as a hacker has released a brilliant yet simple trick to circumvent the protection. Going by the name KingCope, the hacker who released a dozen exploits targeting MySQL, SSH last December, has detailed a mechanism through which ASLR of Windows 7, Windows 8 and probably other operating systems can be bypassed to load a DLL file with malicious instructions to a known address space. KingCope has explained the method in a blog post along with a PoC.
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's now on IFTTT. Check it out! Check out the new SourceForge HTML5 Internet speed test! ×