Microsoft: Alleged security vulnerability in Windows is a feature, not a bug
Microsoft Corp. Tuesday hit back at claims of an alleged security vulnerability in Windows 8 and 10 that could allow a remote attacker to take control of an affected system, saying the security coding is a feature, not a flaw.
The drama started last week when the U.S. Computer Emergency Response Team issued a warning Friday saying that a flaw in ASLR from Windows 8 onwards failed to randomize memory locations properly, leaving affected systems open to attack.
Address Space Layout Randomization is a feature first introduced in Windows Vista that is designed to randomize the memory location in which applications get loaded and executed. The aim is to make it difficult for malicious actors to exploit vulnerabilities such as buffer overflows by altering the memory locations in which important data is stored. What CERT claimed is that rather than properly randomizing those locations, ASLR stores supposedly randomized data in exactly the same place every time, defeating its purpose.
Windows 8 and later “fail to properly randomize every application if system-wide mandatory ASLR is enabled via EMET [Microsoft’s enhanced mitigation experience toolkit] or Windows Defender Exploit Guard,” CERT claimed.
Microsoft was having none of it, however. Matt Miller from Microsoft’s Security Response Center wrote in a blog post Tuesday that the way ASLR applied randomization was a feature and not a bug.
“ASLR is working as intended and the configuration issue described by CERT/CC only affects applications where the EXE does not already opt-in to ASLR,” Miller wrote. “The configuration issue is not a vulnerability, does not create additional risk, and does not weaken the existing security posture of applications.”
Miller went on to say that the Windows Defender Exploit Guard team is investigating a configuration issue that prevents system-wide enablement of bottom-up ASLR and is working to address it accordingly, but added that the issue “does not create additional risk as it only occurs when attempting to apply a non-default configuration to existing versions of Windows.”
Photo: Packa/Wikimedia Commons