Certified company | Engineering the world

Get in touch

Windows Security Feature Has Been Deliberately Reduced

Nov 29, 2017 | Uncategorized | 0 comments

Twenty years ago, the phrase “It’s not a bug, it’s a feature” was coined in the context of Microsoft and has long since become a household word.And right now, regarding Windows, one can once again manage to use the cliché behind the words – in dealing with a recently published security report.

Windows Security

The CERT of the Software Engineering Institute recently pointed out that key security technology is no longer working properly in newer versions of Windows, Redmond Magazine reported. It’s about Address Space Layout Randomization (ASLR). This ensures that functions of program codes are stored in the working memory in various, randomly selected locations. Malware should no longer be able to specifically use routines that, for example, always provide the operating system by default.
Also Read: Not All New Windows 10 Features Are Immediately Available For All Testers

According to the analysis of the CERT experts, there had been a major change in the use of ASLR after Windows 7. The storage locations of a number of executables and DLLs were no longer adequately randomized, which was marked as a security risk because the previous protection status no longer existed. In particular, when the Enhanced Mitigation Experience Toolkit (EMET) was not used, therefore opened weak points.

However, Matt Miller of the Microsoft Security Response Center has now rejected this presentation and stated that the ASLR functions exactly as intended by the developers in Redmond. What the CERT experts described as a security vulnerability was rather a configuration problem on their side. Because the difficulties described would only occur if the EXE file, which is the root of the following executable code, has not already registered for the ASLR.

Also Read: Windows Defender Receives A Poor Rating On The AV Test Again

Of course, the need for opt-in to the protection mechanism can lead to security risks if the code does not play along. Nevertheless, Microsoft decided to opt for such a procedure in order to prevent complicated compatibility problems in various existing applications. Miller describes in his blog post also a registry manipulation, with which you can force ASLR for all codes – but this can lead to difficulties with different programs.

Also Read: Windows 10 Gets A New Game Bar

In the end, Redmond decided in favor of security even in this case. The priority was simply that the user gets as few problems as possible when using his old applications, hen he changes to the new operating system. Instead of exerting pressure on the manufacturers to provide an update, it is then preferred to dispense in parts with a decisive security feature.


let’s get connected

Have a Question?

If you have any questions or need to discuss about your project
Feel free to reach out to our friendly team.