Memory randomization as application security enhancement?

Posted by Paul Sasik on Stack Overflow See other posts from Stack Overflow or by Paul Sasik
Published on 2010-04-21T19:30:58Z Indexed on 2010/04/21 19:33 UTC
Read the original article Hit count: 241

Filed under:
|
|
|
|

I recently came upon a Microsoft article that touted new "defensive enhancements" of Windows 7. Specifically:

  • Address space layout randomization (ASLR)
  • Heap randomization
  • Stack randomization

The article went on to say that "...some of these defenses are in the core operating system, and the Microsoft Visual C++ compiler offers others" but didn't explain how these strategies would actually increase security.

Anyone know why memory randomization increases security, if at all? Do other platforms and compilers employ similar strategies?

© Stack Overflow or respective owner

Related posts about windows-7

Related posts about c++