By Darren Allan
News has emerged of a worrying flaw in Intel’s processors which can be leveraged to bypass a major security feature that the majority of mainstream operating systems use (including Windows, macOS and Linux).
The security feature we’re talking about in this hardware-sabotages-software scenario is ASLR or Address Space Layout Randomisation, a memory protection measure that aims to defend against the likes of stack overflow attacks and other memory corruption nastiness.
Essentially, it aims to foil such exploits by randomising the address space locations of pieces of code, so an attacker can’t pin them down – and will probably cause a crash in any attempt to do so. And obviously the targeted application or OS crashing is a far more preferable result to having the system cracked open and left at the mercy of the attacker.
The bad news is that as Ars Technica reports, a professor in the Computing Science and Engineering department at the University of California at Riverside, Nael Abu-Ghazaleh, has worked with colleagues and found a way to bypass ASLR using an exploit in an Intel Haswell processor.
Robust attack
In a paper detailing their findings, the researchers wrote: “We demonstrated a successful attack on a system with …read more
Source:: techradar.com – Computing Components
Previous post
Next post