Windows Security
According to the analysis of the CERT experts, there had been a major change in the use of ASLR after Windows 7. The storage locations of a number of executables and DLLs were no longer adequately randomized, which was marked as a security risk because the previous protection status no longer existed. In particular, when the Enhanced Mitigation Experience Toolkit (EMET) was not used, therefore opened weak points.
However, Matt Miller of the Microsoft Security Response Center has now rejected this presentation and stated that the ASLR functions exactly as intended by the developers in Redmond. What the CERT experts described as a security vulnerability was rather a configuration problem on their side. Because the difficulties described would only occur if the EXE file, which is the root of the following executable code, has not already registered for the ASLR.
Also Read: Windows Defender Receives A Poor Rating On The AV Test Again
Of course, the need for opt-in to the protection mechanism can lead to security risks if the code does not play along. Nevertheless, Microsoft decided to opt for such a procedure in order to prevent complicated compatibility problems in various existing applications. Miller describes in his blog post also a registry manipulation, with which you can force ASLR for all codes – but this can lead to difficulties with different programs.
Also Read: Windows 10 Gets A New Game Bar
In the end, Redmond decided in favor of security even in this case. The priority was simply that the user gets as few problems as possible when using his old applications, hen he changes to the new operating system. Instead of exerting pressure on the manufacturers to provide an update, it is then preferred to dispense in parts with a decisive security feature.
