New ASLR-busting JavaScript is about to make drive-by exploits much nastier

Found on Ars Technica on Wednesday, 15 February 2017

The attack uses simple JavaScript code to identify the memory addresses where system and application components are loaded. When combined with attack code that exploits vulnerabilities in browsers or operating systems, the JavaScript can reliably eliminate virtually all of the protection ASLR provides.

Given how crucial caching is to the performance of modern CPUs, the researchers say architectural fixes are likely to be too costly to be feasible.

"We hence recommend ASLR to no longer be trusted as a first line of defense against memory error attacks and for future defenses not to rely on it as a pivotal building block."

Just your daily reminder that nothing is secure.