Spybot S&D and lack of ASLR support
- Thread starter m00nbl00d
- Start date
BoerenkoolMetWorst
New member
No reply from Safer-Networking?
Do you know that you're making the system vulnerable by loading DLL's that don't support ASLR into processes that are exploited like explorer.exe and browsers?
http://blog.didierstevens.com/2011/01/17/quickpost-it-does-no-harm-or-does-it/
http://www.scriptjunkie.us/2011/06/bypassing-dep-aslr-in-browser-exploits-with-mcafee-symantec/
I did a quick test with the latest beta and checked IE and explorer.exe, the DLL in explorer.exe doesn't support ASLR.
Do you know that you're making the system vulnerable by loading DLL's that don't support ASLR into processes that are exploited like explorer.exe and browsers?
http://blog.didierstevens.com/2011/01/17/quickpost-it-does-no-harm-or-does-it/
http://www.scriptjunkie.us/2011/06/bypassing-dep-aslr-in-browser-exploits-with-mcafee-symantec/
I did a quick test with the latest beta and checked IE and explorer.exe, the DLL in explorer.exe doesn't support ASLR.
What's the news? :wink:
Is it just that Spybot doesn't use ASLR by default (like most apps) or that it (like Safari) fails to work when EMET or a similar tool is used to force Spybot to use ASLR?
Also it might be a good idea to see whether the beta of Spybot 2 does support ASLR; perhaps it was only added in this time because of increased support across the operating systems in the user-base.
Also it might be a good idea to see whether the beta of Spybot 2 does support ASLR; perhaps it was only added in this time because of increased support across the operating systems in the user-base.