Windows mechanisms for mitigating security vulnerabilities

Ulfar Erlingsson, Microsoft Research, Silicon Valley

To improve security, software systems can apply techniques for mitigating vulnerabilities. These mechanisms do not eliminate underlying software defects, but they can greatly increase the difficulty of successfully exploiting those defects in attacks.

Address-space layout randomization (ASLR) is one of several mitigation mechanisms present in current versions of Windows. ASLR changes the layout of memory; other mechanisms change memory access permissions, the dispatching of exceptions, function-invocation stack frames, prevent integer arithmetic overflow, and modify library functions such as printf. In the talk I will briefly overview vulnerability mitigation and its benefits and weaknesses. For most of the talk, however, I will look at the specifics of Windows mechanisms such as ASLR, how they have evolved over time, and how their design is influenced by practical issues such as backwards compatibility.

27 Feburary (Tuesday) at 1630 hrs

Gates 4B (opposite 490)