Memory Corruption Mitigations and Their Implementation Progress in Third-Party Windows Applications.

摘要

It has been more than two decades since the first practical implementation of a memory corruption attack. Despite the fact that there has been much research done on efficiently protecting systems from this type of attack, memory corruption attacks still hold the lion's share among all exploitation techniques used against software systems. The Windows family of operating systems, as the most used operating system in the world, has suffered from memory corruption attacks more than any other system. Through the years, Microsoft has introduced various mechanisms for the detection and prevention of memory corruption attacks on Windows platforms. This thesis provides a time line and detailed analysis of the memory protection mechanisms introduced in the Windows family of operating systems. Using these measures, Microsoft has diminished the number of successful exploitations of their software products, yet adoption of these measures by independent software vendors (ISVs) developing software for the Windows platform has not materialized as expected. The results of this thesis show that while most ISVs implement mitigations offered by Microsoft, few applications implement all these mitigations thoroughly.