ZDNet

New BlindSide attack uses speculative execution to bypass ASLR

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level. Read now Academics have developed a new technique ...
Threat Post

Bypassing ASLR in 60 Milliseconds

An academic paper demonstrates a new ASLR bypass executed through a side-channel attack against the branch target buffer in an Intel Haswell CPU. Address Space Layout Randomization was a champion ...
Hackaday

ASLR^CACHE

Researchers from VUSec found a way to break ASLR via an MMU sidechannel attack that even works in JavaScript. Does this matter? Yes, it matters. A lot. The discovery of this security flaw along with ...
Redmond Magazine

Microsoft Explains That Windows ASLR Flaw Is Really a Feature

Microsoft provided an explanation this month for an apparent security flaw in Address Space Layout Randomization (ASLR), a Windows protection scheme. The alleged flaw was described in a vulnerability ...
Bleeping Computer

Windows 8 and Later Fail to Properly Apply ASLR, Here's How to Fix

Windows 8, Windows 8.1, and subsequent Windows 10 variations fail to properly apply ASLR, rendering this crucial Windows security feature useless. Address Space Layout Randomization (ASLR) is a ...
MCPmag

Microsoft: That Windows ASLR Flaw Is Actually a Feature

Microsoft is rationalizing that an apparent security flaw in the ASLR Windows protection scheme was placed there on purpose. The alleged flaw was described in a vulnerability note published this month ...
Hackaday

ASLR^CACHE Attack Defeats Address Space Layout Randomization

Researchers from VUSec found a way to break ASLR via an MMU sidechannel attack that even works in JavaScript. Does this matter? Yes, it matters. A lot. The discovery of this security flaw along with ...
Ars Technica

OEMs do their part to support ASLR in Vista

Earlier this week, Ars discussed a few of the new security features found in Windows Vista. One feature mentioned, Address Space Layout Randomization (ASLR), has been getting some extra press this ...
Bleeping Computer

JavaScript Attack Breaks ASLR on 22 CPU Micro-Architectures

Five researchers from the Vrije University in the Netherlands have put together an attack that can be carried out via JavaScript code and break ASLR protection on at least 22 processor ...
eWeek

Windows Vista Randomization Gets OEM Thumbs Up

Microsofts use of code-scrambling diversity to secure Windows Vista is getting crucial support from OEM partners. The Redmond, Wash. software giant has convinced major U.S. computer makers—including ...
PC World

Intel CPU flaw could help attackers defeat security features

A feature in Intel’s Haswell CPUs can be abused to reliably defeat an anti-exploitation technology that exists in all major operating systems, researchers have found. The technique, developed by three ...