Starting with Microsoft Visual Studio 2008, /DYNAMICBASE (ASLR) is the default configuration for new projects. https://blogs.msdn.microsoft.com/vcblog/2009/05/21/dynamicbase-and-nxcompat/ But what about open-source toolchains, such as MSYS2/mingw-w64? In my testing, they've got a long way to go.
Let's look at @GIMP_Official. Nope. No ASLR protection there! Once an attacker finds an interesting crash (e.g. via fuzzing), there are no hurdles to jump to achieve code execution as the result of simply opening an image. pic.twitter.com/kFYGCfR3Fx
What about the RAW image editor @darktable_org? No ASLR protection there either. This makes it way too easy for attackers to exploit vulnerabilities. pic.twitter.com/DMqmU2MxOi
How about another RAW image editor, RawTherapee? No ASLR protection is provided, which makes it more dangerous to use RawTherapee than necessary. pic.twitter.com/XfTCzKvKvi
Any toolchain that uses insecure defaults is putting software that is built with it at risk. And at least the mingw-w64 provided by MSYS2 seems to not use ASLR. Though I suspect that even an updated/secured mingw-w64 may not be enough: https://insights.sei.cmu.edu/cert/2018/08/when-aslr-is-not-really-aslr---the-case-of-incorrect-assumptions-and-bad-defaults.html pic.twitter.com/xmKItOCV4H
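
A way to audit a build for the condition discussed in this thread, as an added example that is not part of the original tweets: it reads the PE headers and reports whether the image sets the /DYNAMICBASE bit and still carries the base relocations Windows needs to rebase it. `make_sample` and its header-only images are constructed for the demonstration, and the function names are this example's own.

```python
import struct

IMAGE_FILE_RELOCS_STRIPPED = 0x0001               # COFF Characteristics bit
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA = 0x0020
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040    # set by /DYNAMICBASE
BASERELOC_DIR = 5                                 # data directory index of .reloc

def aslr_status(image: bytes) -> dict:
    """Report whether a PE image opts in to ASLR and can actually be rebased."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (pe,) = struct.unpack_from("<I", image, 0x3C)  # e_lfanew
    if image[pe:pe + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    (file_chars,) = struct.unpack_from("<H", image, pe + 4 + 18)
    opt = pe + 24                                  # optional header start
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B):                # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    (dll_chars,) = struct.unpack_from("<H", image, opt + 70)
    count_off = opt + (108 if magic == 0x20B else 92)
    (ndirs,) = struct.unpack_from("<I", image, count_off)
    reloc_size = 0
    if ndirs > BASERELOC_DIR:
        entry = count_off + 4 + 8 * BASERELOC_DIR
        _rva, reloc_size = struct.unpack_from("<II", image, entry)
    dynamic = bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
    relocs = reloc_size > 0 and not file_chars & IMAGE_FILE_RELOCS_STRIPPED
    return {"dynamic_base": dynamic,
            "high_entropy_va": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA),
            "relocations": relocs,
            "aslr_effective": dynamic and relocs}

def make_sample(dll_chars: int, file_chars: int, reloc_size: int) -> bytes:
    """Constructed header-only PE32+ image for the demo, not a real binary."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, file_chars)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 108, 16)
    struct.pack_into("<II", opt, 112 + 8 * BASERELOC_DIR, 0x1000, reloc_size)
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    samples = {"DYNAMICBASE + .reloc": make_sample(0x0160, 0x0022, 0x200),
               "no DYNAMICBASE, relocs stripped": make_sample(0x0000, 0x0023, 0),
               "DYNAMICBASE but relocs stripped": make_sample(0x0140, 0x0023, 0)}
    for name, img in samples.items():
        print(name, aslr_status(img))
```

To audit a real build, pass the bytes of each shipped EXE and DLL to `aslr_status`; an image that reports `dynamic_base` without `relocations` carries the opt-in flag but cannot be moved by the loader.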