F-Secure and ASLR

Scholar

F-Secure and ASLR

As security researcher Didier Stevens explains(http://blog.didierstevens.com/2011/01/17/quickpost-it-does-no-harm-or-does-it/) some applications leave explorer.exe vulnerable by loading shell extensions that do not support ASLR, and the same with browsers(http://www.scriptjunkie.us/2011/06/bypassing-dep-aslr-in-browser-exploits-with-mcafee-symantec/). F-Secure 2011 also does this with explorer, firefox and internet explorer, same with the 2012 beta. Plus, not all F-Secure processes support ASLR and two of them not even DEP. Could this be fixed before 2012 stable release? p.s. I also noticed that FSIS loads fsscoepl.dll, described as Spam control plugin for Microsoft outlook express into explorer.exe iexplore.exe and firefox.exe. It seems a bit pointless to me to load a spam plugin for outlook express into these processes.

1 ACCEPTED SOLUTION

Accepted Solutions
F-Secure

Re: F-Secure and ASLR

We are aware of this problem and working on it. However, it might not make it to IS2012 release but definitely something to improve soon.

 

View solution in original post

2 REPLIES 2
F-Secure

Re: F-Secure and ASLR

We are aware of this problem and working on it. However, it might not make it to IS2012 release but definitely something to improve soon.

 

View solution in original post

Scholar

Re: F-Secure and ASLR

Ok, thanks :)