F-Secure and ASLR

As security researcher Didier Stevens explains (http://blog.didierstevens.com/2011/01/17/quickpost-it-does-no-harm-or-does-it/), some applications leave explorer.exe vulnerable by loading shell extensions that do not support ASLR, and the same goes for browsers (http://www.scriptjunkie.us/2011/06/bypassing-dep-aslr-in-browser-exploits-with-mcafee-symantec/). F-Secure 2011 also does this with Explorer, Firefox and Internet Explorer, and so does the 2012 beta. Plus, not all F-Secure processes support ASLR, and two of them do not even support DEP. Could this be fixed before the 2012 stable release?

P.S. I also noticed that FSIS loads fsscoepl.dll, described as Spam control plugin for Microsoft Outlook Express, into explorer.exe, iexplore.exe and firefox.exe. It seems a bit pointless to me to load a spam plugin for Outlook Express into these processes.

Best Answer

  • Ville (F-Secure Employee, Posts: 494)
    Accepted Answer

    We are aware of this problem and are working on it. However, it might not make it into the IS2012 release, but it is definitely something to improve soon.



This discussion has been closed.
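
A way to check which modules opt in to ASLR and DEP, as raised in the question above (an added example, not part of the original thread and not F-Secure code): it reads the `DllCharacteristics` field of a PE header and reports images that lack the `DYNAMIC_BASE` or `NX_COMPAT` bit. The sample file names and header bytes are constructed for the demo; pass real DLL or EXE paths on the command line to audit files on disk.

```python
import struct
import sys

DYNAMIC_BASE = 0x0040  # IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE: image opts in to ASLR
NX_COMPAT = 0x0100     # IMAGE_DLLCHARACTERISTICS_NX_COMPAT: image opts in to DEP

def pe_mitigations(data):
    """Read DllCharacteristics from a PE image and report its ASLR/DEP opt-in bits."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)           # e_lfanew
    opt = pe_off + 24                                          # PE sig (4) + COFF header (20)
    if len(data) < opt + 72 or data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing or truncated PE header")
    (opt_size,) = struct.unpack_from("<H", data, pe_off + 20)  # SizeOfOptionalHeader
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B) or opt_size < 72:           # PE32 / PE32+
        raise ValueError("unsupported optional header")
    # DllCharacteristics sits at offset 70 of the optional header in both formats.
    (flags,) = struct.unpack_from("<H", data, opt + 70)
    return {"aslr": bool(flags & DYNAMIC_BASE), "dep": bool(flags & NX_COMPAT)}

def audit(images):
    """Map name -> list of missing mitigations, for images missing at least one."""
    report = {}
    for name, data in images.items():
        missing = [m for m, ok in pe_mitigations(data).items() if not ok]
        if missing:
            report[name] = missing
    return report

def sample_image(dll_characteristics, magic=0x10B):
    """Constructed minimal PE header for the demo (header only, not a loadable DLL)."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)       # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0xE0, 0x2102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, 70, dll_characteristics)
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    if len(sys.argv) > 1:                                      # audit real files by path
        images = {p: open(p, "rb").read() for p in sys.argv[1:]}
    else:                                                      # constructed samples
        images = {"hardened.dll": sample_image(0x0140),
                  "no_aslr.dll": sample_image(0x0100),
                  "no_aslr_no_dep.dll": sample_image(0x0000)}
    for name, missing in audit(images).items():
        print(f"{name}: missing {', '.join(missing).upper()}")
```

A module that lacks the ASLR bit and is injected into explorer.exe or a browser sits at a predictable address in that host process, which is why the check matters for shell extensions and browser plugins as well as for the vendor's own executables.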