AMD video drivers make Windows unsafe
The AMD video drivers fail to support ASLR in the "Always on" mode in Microsoft's EMET utility which is used by businesses to make the operating system more resilient to hacker attacks.
"This can limit the amount that such a system can be secured," CERT/CC says in an advisory.
ASLR, when combined DEP (Data Execution Prevention) can be an effective mitigation against exploitation of vulnerabilities. For more information about DEP and ASLR on Microsoft Windows platforms, see the Microsoft Security Research & Defense blog entry: On the effectiveness of DEP and ASLR. Microsoft has released a tool called EMET(Exploit Mitigation Experience Toolkit) to enforce DEP, ASLR, and other exploit mitigation features for Windows systems on an application-specific and a system-wide basis. DEP and ASLR features are available on other operating systems as well.
Some video drivers are not compatible with the Microsoft EMET "Always on" mode for ASLR. Enabling "Always on" ASLR on a system with incompatible video drivers may result in a system crash (kernel panic, or BSOD).
The research outfit said problems have also been reported with drivers from ATI Technologies on Linux systems using PaX.
"Systems with incompatible video drivers cannot be secured as well as those with ASLR-compatible drivers. Enabling system-wide DEP and ASLR can make exploitation of vulnerabilities more difficult," CERT/CC warned.
CERT/CC recommends that computer users in high-value environments consider using video drivers that opt into the mitigation by having ASLR-compatible drivers.