A security feature used in the open-source world is now helping to harden Windows Vista against buffer overrun exploits. Microsoft has quietly fitted the feature, called ALSR (Address Space Layout Randomization) in Windows Vista Beta 2 as part of a larger plan to make it more difficult to automate attacks against the operating system.

“Not only is it in Beta 2, it’s on by default too,” said Michael Howard, senior security program manager at Microsoft in a blog entry announcing the news. “We added ASLR pretty late in the game, but we decided that adding it to beta 2 and enabling it by default was important so we can understand how well it performs in the field,” Howard said.

View: Full Story
Source: eWeek via MSFN