Insufficient data from Andrew Fryer

The place where I page to when my brain is full up of stuff about the Microsoft platform

Internet Explorer 8 on Vista and Windows 7

Viral has just pinged me a write up of a hacking contest from the Washington Post (he is American after all) . The "Pwn2Own" contest at the CanSecWest security conference in Vancouver won by a 25 year German student called “Nils”.  He won $15,000 for exposing a vulnerability in IE8 beta.  This is good as this is what betas are there for and this was fixed the next day by Microsoft (as discussed here on the Microsoft Security Research & defence blog) and so the released version is that but more secure.

However browsers run on operating systems so what’s also interesting in this article is how the cross platform browser Firefox is more secure on Windows Vista / Windows 7 of their data execution prevention (DEP) and address space layout randomization (ASLR) capabilities.  XP has DEP from sp2 but  ASLR only came in with Vista and to quote  Nils “ASLR doesn’t appear to be properly implemented between OS X and versions of Safari and Firefox built for that operating system”.

Finally it is only with IE8 that the browser can block the .NET DEP +ASLR bypass mechanism and so as Nels says in the article

"It’s getting pretty hard to do a lot of this stuff on Windows Vista and Windows 7”