Forum Moderators: phranque
Message Too Old, No Replies
New JavaScript Code Could Make Drive-By Exploits Much Worse
According to researchers the decades old protection of major operating systems, known as address space layout randomization (ASLR), could be reaching the point of vulnerability thanks to a simple JavaScript code.
Now, researchers have devised an attack that could spell the end of ASLR as the world knows it now. The attack uses simple JavaScript code to identify the memory addresses where system and application components are loaded. When combined with attack code that exploits vulnerabilities in browsers or operating systems, the JavaScript can reliably eliminate virtually all of the protection ASLR provides. New JavaScript Code Could Make Drive-By Exploits Much Worse [arstechnica.com]
Well lets hope the other browsers follow Safari's lead to mitigate such attacks.
I tried NoScript for a while but found I spent too much time allowing/disallowing sites to run JS. Not a problem on my handful of favorite sites, but I do a lot of research to new sites and it became tedious.
Join The Conversation
- Register For Free! - Become a Pro Member!
- See forum categories - Enter the Forum
Moderators and Top Contributors
- Moderator List | Top Contributors:This Week, This Month, Mar, Feb, Archive, Top 100 All Time, Top Voted Members
Hot Threads This Week
- Google Updates and SERP Changes - May 2022
- May 2022 AdSense Earnings and Observations
- ~ remove from url
- Lost business potential on building websites
- still getting parameter urls crawled by Google
- Musk Says $44-billion Twitter Deal On Hold
- What do you think about Android?
- Using cURL to find end result of a 301 redirect
- Does reducing content for mobile devices affect SEO?
- Hello everyone