DocumentCode
3624714
Title
Bypassing Data Execution Prevention on MicrosoftWindows XP SP2
Author
Nenad Stojanovski;Marjan Gusev;Danilo Gligoroski;Svein.J. Knapskog
Author_Institution
Macedonian Telecommunication
fYear
2007
fDate
4/1/2007 12:00:00 AM
Firstpage
1222
Lastpage
1226
Abstract
The evolution of Microsoft Windows from a desktop operating system into a server operating system has brought attention to and concern of some severe security issues. Attacks that exploited buffer overflows started appearing for the services that were used on the new server operating system. Recently, Microsoft decided to implement a protective measure: data execution prevention - DEP in two of their products: Service Pack 2 for Windows XP and Service Pack 1 for Windows 2003. The measure has been implemented as one of the core security mechanisms with the intention to prevent the attackers from breaking into the system i.e., to prevent the execution of code in non-executable memory regions. In this paper we show that the initial implementation of the software for DEP in Windows XP Service Pack 2 is actually not at all secure and that stack overflow attacks against DEP are as effective as attacks against systems that do not have DEP
Keywords
"Operating systems","Protection","Data security","Electrostatic precipitators","Buffer overflow","Linux","Sun","Hardware","Informatics","Quality of service"
Publisher
ieee
Conference_Titel
Availability, Reliability and Security, 2007. ARES 2007. The Second International Conference on
Print_ISBN
0-7695-2775-2
Type
conf
DOI
10.1109/ARES.2007.54
Filename
4159930
Link To Document