Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
TRENDING TODAY
Home > News > Security

July 22nd, 2012, 06:51 GMT · By

Chris Valasek: The Windows 8 Heap Manager Is the Most Secure to Date

SHARE:

Adjust text size:

Chris Valasek
Enlarge picture
At this year’s Hack in the Box conference in Amsterdam we’ve had the opportunity to speak to Steven Seeley regarding his research on heap managers. Since the topic was highly interesting, and since part of expert’s work was based on prior analysis made by Chris Valasek, we decided to do a follow-up on the subject by talking to Valasek himself.

Chris Valasek, who works as a security research scientist at Coverity, is highly passionate about the topic and as soon as Windows 8 was released, he started studying its heap manager to learn what improvements have been made.

According to the researcher, Microsoft has been busy addressing all the issues affecting the heap manager in Windows 7.

“After looking through the Windows 8 Heap Manager it was very apparent that MSFT was privy to all the current exploitation techniques. All of the deficiencies that were present in Windows 7 were addressed in Windows 8 (and then some!),” he told Softpedia in an email.

“They’ve also added additional protections, such a chunk randomization (attackers can no longer guarantee 100% that a piece of memory will come from their desired location), guard pages (inaccessible space inserted between heap memory, to mitigate the effects of a heap overflow), and some others,” he added.

“It is definitely the most secure Windows heap manager to date.”

However, the lucky security enthusiasts who will take part in this year’s Black Hat USA security conference – where Valasek will detail his work − will learn that it’s not bulletproof.

“I’ve identified a couple of new techniques for Windows 8, but they do require more preconditions than their Windows 7 counter parts. Leveraging Windows heap meta-data is VERY limited in Windows 8,” the expert explained.

We’ve asked him about the most important improvements made to the heap manager from the 7 version of Microsoft’s operating system to Windows 8.

He said, “The removal of the FreeEntryOffset, memory randomization, and guard pages seem to be the most effective steps preventing exploitation in the Windows 8 heap manager.”

The complete presentation, entitled “Windows 8 Heap Intervals,” will be made on July 25 at Black Hat 2012 USA.


3,337 hits · 2 comments
Link to this article · Print article · Send to friend

MUST-READ RELATED ARTICLES:


Expert Develops Script That Evades AV Detection for Metasploit Backdoor Payloads
NFC Can Be Used to Steal Files and Take Control of Phones, Expert Says
Researchers Identify “Invisible” Data Theft at Black Hat USA 2012
Cryptography and Neuroscience: Using Passwords You Don’t Actually Know
Flaw in Artema Hybrid Terminals Allows Hackers to Collect Payment Card Details

READER COMMENTS:


Comment #1 by: ankit srivastav on 25 Jul 2012, 03:55 UTC reply to this comment

does not working internet widows 8 plese help


Comment #2 by: ankit srivastav on 25 Jul 2012, 03:57 UTC reply to this comment

does not working internet micromax310G mardom only so in no device no ,network, no search plese help me

Copyright © 2001-2013 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use