DEP: the Windows Security Feature has been Cracked
By on March 5th, 2010

This week is really bad for security in particular. First we have a crack for RSA coming up, next, the Ubisoft DRM gets cracked in a day and now, DEP meets its fate.

The protection feature in windows which allowed applications to run only in their own memory space has recently been cracked. The feature known as DEP was added to the Windows OS back in XP.

DEP is explained by Wikipedia as,

Data Execution Prevention (DEP) is a security feature included in modern Microsoft Windows operating systems that is intended to prevent an application or service from executing code from a non-executable memory region. This helps prevent certain exploits that store code via a buffer overflow, for example.

Berend-Jan Wever, a Google security software engineer has recently achieved this feat through a buffer overflow attack. A malicious piece of code is executed to take control of a certain part of the memory which then acts as the bot area to run malware codes. The exact nature of the exploit has been explained by Weaver and he has also remarked that it is a matter of days before a cracker takes advantage of this, now that he has laid out the complete process to the attack.

Weaver writes,

I am releasing this because I feel it helps explain why ASLR+DEP are not a mitigation to put a lot of faith in, especially on x86 platforms. 32-bits does not provide sufficient address space to randomize memory to the point where guessing addresses becomes impractical, considering heap spraying can allow an attacker to allocate memory across a considerable chunk of the address space and in a highly predictable location.

This means all 32 bit operating systems and hardwares are insecure! I tend to use Linux more than Windows. Even while connecting to the Internet, Linux works amazingly faster than Windows. And about security, Windows is not even in the league of Linux.

Which Operating System do you use currently? How secure do you feel using it? How often do you face virus problems? Share your views with me.

Tags:
Author: Chinmoy Kanjilal Google Profile for Chinmoy Kanjilal
Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. He rants occasionally at Techarraz.com. You can connect with him on Twitter @ckandroid.

Chinmoy Kanjilal has written and can be contacted at chinmoy@techie-buzz.com.

Leave a Reply

Name (required)

Website (optional)

 
    Warning: call_user_func() expects parameter 1 to be a valid callback, function 'advanced_comment' not found or invalid function name in /home/keith/techie-buzz.com/htdocs/wp-includes/comment-template.php on line 1694
 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN