 StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 | reply to Smokey Bear
Re: IE Zero-Day W8 has EMET (under another name?) built-in. Besides W8 comes with IE10 which isn't vulnerable. |
|
 trparkyApple... YUMPremium,MVM
join:2000-05-24
Cleveland, OH
kudos:2 | EMET does indeed work with Windows 8. I have it protecting Firefox on my Windows 8 installation. |
|
|
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 Reviews:
 ·CenturyLink
| said by trparky:EMET does indeed work with Windows 8. That wasn't my point BTW. I thought W8 included some version of EMET out of the box.
--
Don't feed trolls--it only makes them grow! |
|
trparkyApple... YUMPremium,MVM
join:2000-05-24
Cleveland, OH
kudos:2 | Maybe, I don't know. |
|
trparkyApple... YUMPremium,MVM
join:2000-05-24
Cleveland, OH
kudos:2 Reviews:
 ·Time Warner Cable
| ASLR and exploit mitigations
Address Space Layout Randomization (ASLR) was introduced in Windows Vista and is essentially a technique to mitigate the infamous “Buffer Overrun” vulnerabilities by randomly moving the location of code and data in memory. In Windows 8 randomization is increased in order to foil known techniques for bypassing ASLR. Other mitigations include changes to the Windows kernel and heap, including new integrity checks and randomization using a similar approach to ASLR. Internet Explorer 10 will also benefit from these changes: besides including an “Enhanced Protected Mode” sandbox, there will be a “ForceASLR” option in IE10 that can randomize all modules loaded into memory by the browser, regardless if those modules did not opt in to use ASLR protection (developers can create modules that take advantage of ASLR protection by using the optional /DYNAMICBASE flag).
EMET provides much more than that.
--
Tom
Boycott AT&T uVerse! | Tom's Android Blog | AOKP (The Android Open Kang Project) |
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 | Well regardless XP/Vista/Win7 users would be well served by installing/configuring it. Win8 I'm not sure.
--
Don't feed trolls--it only makes them grow! |
|
| reply to trparky
Internet Explorer 9 and 10 are not vulnerable to this exploit. |
|
| Where I work, we still use IE 8. What should companies urge to do in the meantime while MS decides to roll up the patch for this?
We cannot upgrade to IE 9 or 10.
And also, we not allowed to use Firefox and other browsers either.
The workarounds explained on the MS site, is to extend the Internet/Intranet Security zones to HIGH, and thats no good for the users because IE is then worthless to use....unless adding those sites in the Trusted Zones.
And also, even though if MS decides to roll out the patch on Tuesday, our IT department has to still then delay the patch deployment for about a week in order to test it with our applications.
So what should companies like this do in this case if this is a huge exploit??? |
|
trparkyApple... YUMPremium,MVM
join:2000-05-24
Cleveland, OH
kudos:2 | EMET would be the best bet in that kind of situation. |
|
