Microsoft security expert Michael Howard says the address space layout randomization (ASLR), a method of foiling some classes of attack that has usually been associated with open-source projects, has been turned on as default in Windows Vista Beta 2, released in May 2006.
ASLR involves arranging the positions of certain data areas, such as the position of libraries, heap and stack, randomly in a process' address space. Certain types of attacks, which rely on these components having predictable target addresses, thus have a low chance of success when ASLR is in place. Until now, the feature has been most prominently used in the OpenBSD Unix variant and the PaX and Exec Shield security patches for Linux.
Microsoft using Open Source Idea in Vista source
Comment Preview