Two researchers claim to have found a way to circumvent both Data Execution
Protection (DEP) and Address Space Layout Randomization (ASLR). These techniques
are meant to protect the way information is stored in RAM. ASLR is relatively new:
it randomizes the addresses at which DLLs are loaded on startup, dealing a severe blow
to anyone who would try to predict which region of RAM a worm would need to overwrite
during a buffer overflow attack.
The researchers (Mark Dowd of IBM Internet Security Systems (ISS) and Alexander
Sotirov of VMware Inc.) will discuss the weaknesses they have found at the Black Hat
briefings in Las Vegas.