ISV best practices, Corrupted Heap Termination, the pursuit of (security) happiness . . .


MikeHow just wrote a brief write-up of some of the things our new heap manager on Vista is capable of detecting at runtime over at the SDL blog: http://blogs.msdn.com/sdl/archive/2008/06/06/corrupted-heap-termination-redux.aspx


As with the Low Fragmentation Heap – you can opt in to that stuff by calling the HeapSetInformation() API and passing in the handle to your heap (or any heap in your process for that matter).
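The opt-in described above, as an added example (not code from this post or the linked write-ups): it turns on termination on heap corruption for the process, then requests the Low Fragmentation Heap on each heap handle the process owns and reads the setting back. The function name `harden_process_heaps`, the `HARDEN_*` return codes and the 64-heap bound are assumptions of this example.

```c
#include <stdio.h>

#define HARDEN_FAILED      (-1)  /* termination-on-corruption was refused */
#define HARDEN_UNSUPPORTED (-2)  /* built for a platform without these APIs */
#define MAX_HEAPS 64             /* assumed bound on heaps we inspect */

#ifdef _WIN32
#include <windows.h>
/* Returns how many heaps report the LFH as active, or a HARDEN_* code. */
int harden_process_heaps(void)
{
    HANDLE heaps[MAX_HEAPS] = {0};
    DWORD count, i;
    int lfh_heaps = 0;

    /* Process-wide switch: a NULL heap handle is accepted for this class. */
    if (!HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0))
        return HARDEN_FAILED;

    count = GetProcessHeaps(MAX_HEAPS, heaps);
    if (count > MAX_HEAPS)
        count = MAX_HEAPS;       /* more heaps exist than we asked for */

    for (i = 0; i < count; i++) {
        ULONG mode = 2;          /* 2 = low-fragmentation heap */
        if (heaps[i] == NULL) continue;
        /* Can fail (HEAP_NO_SERIALIZE heaps, debug heap); not fatal, so the
           result is read back below instead of trusting the return value. */
        HeapSetInformation(heaps[i], HeapCompatibilityInformation,
                           &mode, sizeof mode);
        mode = 0;
        if (HeapQueryInformation(heaps[i], HeapCompatibilityInformation,
                                 &mode, sizeof mode, NULL) && mode == 2)
            lfh_heaps++;
    }
    return lfh_heaps;
}
#else
/* Non-Windows build: nothing to opt in to, so say so to the caller. */
int harden_process_heaps(void) { return HARDEN_UNSUPPORTED; }
#endif

int main(void)
{
    int r = harden_process_heaps();
    printf("harden_process_heaps() = %d\n", r);
    return r == HARDEN_FAILED;
}
```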


Speaking of opting in to various good-for-security things – here’s a great write-up from Matt Thomlinson and the aforementioned MikeHow from last year: http://msdn.microsoft.com/en-us/library/bb430720.aspx


The paper has a nice write-up of the following mitigation technologies in Windows for the every (wo)man:


  • /GS Stack buffer overrun detection.
  • /SafeSEH exception handling protection.
  • No eXecute (NX) / Data Execution Prevention (DEP) / eXecute Disable (XD).
  • Address space layout randomization (ASLR).
  • Heap randomization.
  • Stack randomization.
  • Heap corruption detection.
