INFRA
INFRA
INFRA
Microsoft: Alleged security vulnerability in Windows is a feature, not a bug
Microsoft Corp. Tuesday hit back at claims of an alleged security vulnerability in Windows 8 and 10 that could allow a remote attacker to take control of an affected system, saying the security coding is a feature, not a flaw.
The drama started last week when the U.S. Computer Emergency Response Team issued a warning Friday saying that a flaw in ASLR from Windows 8 onwards failed to randomize connections properly, leaving it open to attack.
Address Space Layout Randomization is a feature first introduced in Windows Vista that is designed to randomize the memory location in which applications get loaded and executed. The aim is to make it difficult for malicious actors to exploit vulnerabilities such as buffer overflows by altering the memory locations in which important data is stored. What CERT claimed is that instead of properly randomizing those locations, ASLR instead stores supposedly randomized data in exactly the same place instead, defeating its theoretical purpose.
Windows 8 and later “fail to properly randomize every application if system-wide mandatory ASLR is enabled via EMET [Microsoft’s enhanced mitigation experience toolkit] or Windows Defender Exploit Guard,” CERT claimed.
Microsoft was having none of it, however. Matt Miller from Microsoft’s Security Response Center wrote in a blog post Tuesday that the way ASLR allocated randomization was a feature and not a bug.
“ASLR is working as intended and the configuration issue described by CERT/CC only affects applications where the EXE does not already opt-in to ASLR,” Miller wrote. “The configuration issue is not a vulnerability, does not create additional risk, and does not weaken the existing security posture of applications.”
Miller went on to say that the Windows Defender Exploit Guard team is investigating a configuration issue that prevents system-wide enablement of bottom-up ASLR and is working to address it accordingly, but added that the issue “does not create additional risk as it only occurs when attempting to apply a non-default configuration to existing versions of Windows.”
Photo: Packa/Wikimedia Commons
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU
