A feature in Intel’s Haswell CPUs can be abused to reliably defeat an anti-exploitation technology that exists in all major operating systems, researchers have found.
The technique, developed by three researchers from the State University of New York at Binghamton and the University of California in Riverside, can be used to bypass ASLR (address space layout randomization) and was presented this week at the 49th annual IEEE/ACM International Symposium on Microarchitecture in Taipei.
ASLR is a security mechanism used by operating systems to randomize the memory addresses used by key areas of processes, so that attackers don’t know where to inject their exploit shellcode.