Windows Vista ASLR

You may have heard of ASLR if you’ve frequented websites heralding Microsoft’s newest OS, Windows Vista. ASLR stands for Address Space Layout Randomization, a new security mechanism built into the new OS. As its name implies, ASLR loads the code that runs the system into different memory locations.

How does this make things more secure? Most exploits call on system functions in order to operate. In current OS architectures (for Windows-based ones, at least) these system functions are loaded at fixed memory locations. “Fixed” means “predictable”, and “predictable” means easily compromised. Since ASLR loads the system functions at different memory locations, it makes it more difficult for a particular exploit to access them.
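An added example, not from the original post: a defender's check for whether a given Windows binary takes part in ASLR. It relies on a detail the post does not cover, namely that the loader randomizes an image's base only when its PE header carries the DYNAMICBASE flag and relocation data is present; `aslr_status` and `build_sample` are hypothetical names, and the sample headers are constructed.

```python
import struct

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040  # image opted in to ASLR (/DYNAMICBASE)
IMAGE_FILE_RELOCS_STRIPPED = 0x0001  # no relocation data: loads only at its preferred base


def aslr_status(image: bytes) -> dict:
    """Parse PE headers and report whether the loader can move the image to a random base."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)  # e_lfanew: offset of "PE\0\0"
    coff = pe_off + 4
    if image[pe_off:coff] != b"PE\0\0" or len(image) < coff + 20:
        raise ValueError("missing or truncated PE header")
    # COFF file header: SizeOfOptionalHeader at +16, Characteristics at +18
    opt_size, characteristics = struct.unpack_from("<HH", image, coff + 16)
    opt = coff + 20
    if opt_size < 72 or len(image) < opt + 72:
        raise ValueError("optional header too short to hold DllCharacteristics")
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+ optional headers
    (dll_chars,) = struct.unpack_from("<H", image, opt + 70)
    dynamic_base = bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
    relocs_stripped = bool(characteristics & IMAGE_FILE_RELOCS_STRIPPED)
    return {
        "dynamic_base": dynamic_base,
        "relocs_stripped": relocs_stripped,
        "rebasable": dynamic_base and not relocs_stripped,
    }


def build_sample(dll_chars: int, characteristics: int = 0x0102, magic: int = 0x10B) -> bytes:
    """Constructed sample input: a bare PE header (not a loadable program)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # PE header directly after the DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 96, characteristics)
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, 70, dll_chars)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    for name, img in [("opted in", build_sample(0x0140)),
                      ("legacy build", build_sample(0x0100)),
                      ("relocations stripped", build_sample(0x0040, 0x0103))]:
        print(name, aslr_status(img))
```

To audit a real file, pass its first few kilobytes, for example `aslr_status(open(path, "rb").read(4096))`.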


So is this the end of exploits? Not quite.


ASLR makes things more difficult for an exploit, but not impossible. A proof of concept has yet to come out to challenge the new security measures introduced in Windows Vista.


By the way, there are other security mechanisms aside from ASLR that are built into Windows Vista’s architecture, but I’ll be discussing those in another blog.