Microsoft's newest Internet Explorer 10 browser, currently available as a consumer preview, contains two new anti-exploit mitigations -- High Entropy Address Space Layout Randomization (HEASLR) and ForceASLR -- and significant improvements to existing memory protection technologies.
According to Forbes Higman, Security Program Manager on the IE team, the new and enhanced mitigation improvements "will increase the difficulty and development cost of exploits, making life harder for the bad guys."
New memory protections in IE 10:
- High Entropy Address Space Layout Randomization (HEASLR) takes advantage of the increase in 64-bit address space and assigns more bits to entropy. This has the effect of drastically increasing the number of potential addresses that may be assigned to a 64-bit process. All 64-bit processes can opt in to the increased entropy made available by HEASLR. Processes can opt in either at link time (/HIGHENTROPYVA) or at load time via a new Image File Execution Option. By default, the Metro style browser runs in 64-bit mode on 64-bit computers, providing a much larger address space and thus more random memory layout.
- ForceASLR is arguably the most important change to ASLR in Windows 8. ForceASLR is a new loader option used by Internet Explorer 10 to instruct the operating system to randomize the location of all modules loaded by the browser, even if a given module was not compiled with the /DYNAMICBASE flag. The ForceASLR protection was added to the Windows 8 kernel, and the feature is now available as an update to Windows 7 that will be installed when Internet Explorer 10 is installed on that platform. To help ensure compatibility with this feature, and to provide memory-randomization protection to older Internet Explorer versions that don’t support ForceASLR, we continue to recommend that add-on developers make use of the /DYNAMICBASE flag.
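A module's opt-in to the two linker flags named above is recorded in the DllCharacteristics field of its PE header, so an add-on can be audited without loading it. The following Python check is an added example, not code from the article or from Microsoft; the bit values are the documented PE/COFF constants, while the function names and the constructed sample headers are assumptions made for illustration.

```python
import struct

# Documented PE/COFF DllCharacteristics bits set by the linker options named above.
HIGH_ENTROPY_VA = 0x0020   # /HIGHENTROPYVA
DYNAMIC_BASE = 0x0040      # /DYNAMICBASE
PE32, PE32_PLUS = 0x10B, 0x20B

def aslr_flags(image: bytes) -> dict:
    """Report the ASLR opt-in bits from a PE image's optional header."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ header")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)   # e_lfanew
    opt_off = pe_off + 4 + 20                            # signature + COFF header
    if len(image) < opt_off + 72 or image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE image: bad or truncated PE header")
    (magic,) = struct.unpack_from("<H", image, opt_off)
    if magic not in (PE32, PE32_PLUS):
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+ optional headers.
    (chars,) = struct.unpack_from("<H", image, opt_off + 70)
    dynamic = bool(chars & DYNAMIC_BASE)
    is_64 = magic == PE32_PLUS
    return {
        "is_64bit": is_64,
        "dynamic_base": dynamic,
        # The high-entropy bit only counts for a 64-bit image that also has /DYNAMICBASE.
        "high_entropy_va": dynamic and is_64 and bool(chars & HIGH_ENTROPY_VA),
    }

def make_sample(magic: int, chars: int) -> bytes:
    """Constructed minimal header (hypothetical, not a loadable binary)."""
    img = bytearray(0x40 + 4 + 20 + 72)
    img[:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)              # PE header right after DOS header
    img[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<H", img, 0x40 + 24, magic)
    struct.pack_into("<H", img, 0x40 + 24 + 70, chars)
    return bytes(img)

if __name__ == "__main__":
    samples = {
        "legacy 32-bit add-on (no /DYNAMICBASE)": make_sample(PE32, 0x0000),
        "64-bit module, both flags": make_sample(PE32_PLUS, DYNAMIC_BASE | HIGH_ENTROPY_VA),
    }
    for name, data in samples.items():
        print(name, aslr_flags(data))
```

To audit a real add-on, pass the first few kilobytes of the DLL read in binary mode; a module reporting `dynamic_base: False` is one that relies on ForceASLR for randomization.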
protection technologies can provide a front line of defense to block malicious attackers.
"These technologies exist to make exploiting vulnerabilities more difficult, less reliable, and in some cases impossible. Memory protections aim to safely terminate a browser process under attack before a vulnerability can be successfully exploited to run the attacker’s code. In many cases, protections allow vendors time to produce and distribute a fix before a vulnerability can be exploited to cause damage," Higman said.