11:42 Browser Support technology data execution prevention | |
| As is known, a significant portion of malware, leaking on users' computers, gets there by using the errors in the browsers, and even more - in the popular plug-ins such as Flash, Adobe Reader, Java, etc. In this case, a significant portion of these vulnerabilities (namely, those that are related to buffer overflow) could be blocked, including the browser and its plug-in technology support Data Execution Prevention, is available in the OS family of Windows, start with XP SP2. In summary: This technology prevents execution of code from memory regions marked as "non-executable", ie that contain data not intended for execution by the processor. Thus, when trying to use a buffer overflow to run arbitrary code, it will generate an exception, and the program Affected - closed. Unfortunately, not all programs are able to fully operate in a mode of DEP, and popular browsers - is no exception. Here is an overview of opportunities to work through DEP modern browsers. Internet ExplorerIn IE7 operation mode of DEP were forcibly disabled by default due to problems with plug-ins. In msdn write that IE8 by default includes support for DEP as a browser, and for child processes (plugins, activex, etc.), while in the IEBlog argue that the problems with popular plug-ins using the DEP is not observed (for link in comments). ChromeIt is known that Chrome not only supports the mode DEP, but also specifically includes it in order to improve the security of the basic processes of the browser (but plug-ins DEP included in the limited compatibility mode). FirefoxThe forums mozilla actively discussed "departures» firefox, associated with the DEP, including recent versions of FF. In this case, I could not find in Bugzilla confirmed bugs related to the DEP, and on recent versions of the browser (checked all the unconfirmed bugs related to the DEP, in his XP/SP3/FF3.6 - not confirmed). The commentaries argue that any problems with the FF when the DEP was observed. OperaOpera developers claim that Opera can run in DEP, since version 9.64 (the normal operation of the browser in the mode of DEP, it seems, begins only with version 10.50rc3, in which fixed an important bug associated with the DEP). Does the plugin mode DEP - it is not known. SafariI could not find reliable information about the presence or absence of DEP support in Safari for Windows. PS: Do not confuse "supports DEP» (ie, able to work normally, if DEP is enabled for all applications in the system by default) and "specifically includes DEP» (ie, establishes a regime of DEP for their process, even when DEP is disabled at the system level). PPS: Of course, system administrators should keep in mind that the DEP - not a panacea. More serious protection can ensure the inclusion of ASLR on Vista / Seven and installation WehnTrust on XP (actually one and the same method, just in XP there is no native support ASLR). But that's another story, however, if the topic is interesting - I will make a separate note. UPD: More on the implementation of the DEP support in Chrome (# 1 translation, translation # 2). The author believes that the developers of the browser may have to disassemble the windows, to understand how to change modes on DEP for a process in XP (with Vista it can be done through documented API). | |
|
| |
| Total comments: 0 | |