A Tour Beyond BIOS - Mitigate Buffer Overflow in
  • A Tour Beyond BIOS - Security Enhancement to Mitigate Buffer Overflow in UEFI
  • Executive Summary
  • Stack Canaries
    • Stack Check Support in Microsoft Visual Studio
    • Stack Check Support in GCC
    • Enable Stack Check in EDK II
    • Future work
  • Data Execution Protection
    • DEP in X86 Processor
    • DEP in UEFI specification
    • Enable DEP in EDK II
    • Future work
  • Address Space Layout Randomization
    • ASLR in Windows
    • ASLR in *nix
    • ASLR requirement in UEFI firmware
    • Enable ASLR for UEFI in EDK II
    • Enable ASLR for SMM in EDK II
    • Future work
  • Additional Overflow Detection
    • Stack Overflow Detection
    • Heap Management in EDKII
    • Heap Overflow Detection (for Page)
    • Heap Overflow Detection (for Pool)
    • NULL Pointer Protection in EDK II
    • Read-only page table
    • Limitation
    • Compatibility Consideration
    • Call for action
    • Future work
  • Summary
    • Policy Control
  • References
Powered by GitBook
On this page
  • Figure 3-1 Windows OS space layout, source: [WindowsInternal] [1]
  • Figure 3-2 Win8 HE-ASLR, source: [ASLR1][2]
  • Figure 3-3 Image layout during boot, source: [ASLR2][3]

Was this helpful?

  1. Address Space Layout Randomization

ASLR in Windows

PreviousAddress Space Layout RandomizationNextASLR in *nix

Last updated 4 years ago

Was this helpful?

Windows supports Address Sace Layout Randomization (ASLR). [WindowsInternal] [1] desribes the detail on how executable images, DLL, stack, heap are randomized.

Figure 3-1 Windows OS space layout, source: [WindowsInternal] [1]

[ASLR1][2] shows the Windows8 HE-ASLR design and entropy number.

Figure 3-2 Win8 HE-ASLR, source: [ASLR1][2]

[ASLR2][3] shows different image layouts during boot.

The following Diagram showing how the physical memory location of various system DLLs changes between a first and second boot

Figure 3-3 Image layout during boot, source: [ASLR2][3]

[1] [WindowsInternal] Windows Internals, 6th edition, Mark E. Russinovich, David A. Solomon, Alex Ionescu, 2012, Microsoft Press. ISBN-13: 978-0735648739/978-0735665873

[2][ASLR1] Exploit Mitigation Improvements in Windows 8, Ken Johnson, Ma, Miller

[3][ASLR2] Enhance Memory Protections in IE10