the workaround tampers with the exception handler.
If this happened on a linux system there would have been a patch in 24 hours after release.
In conclusion, Microsoft's Hardware DEP protection does not prevent future exploits from being successful; it only adds a trivial amount of complexity to the attack.
Average Joe wrote: Good article on some methods of bypassing DEP. Its best info i read about it so far, not overhyped as much as other stuff. Worth a look.http://www.uninformed.org/?v=2&a=4&t=sumry
the_syco wrote: I didn't bother checking out the links, as I'd proberly get flagged if they're hacking sites (only started the job recently). =-= Companies tend to think that by having a firewall, or router, that they're safe, and that the firewall should keep _all_ the bad people out. Not so. Symantec's products were found to have a bug in their software recently, and as most people leave the passwords to a default on the router, there's not much security on them, and that no product is 100% fail-safe. The FBI have shown how they can crack a 128-bit WEP key in about 3 minutes. And as 70% have no security, and the other 30% use WEP, it shows that nothing stops all. =-= I haven't looked up DEP yet, but if its seen as the next "holy grail", it just means more people will try to hack it.
Average Joe wrote: There are still a few issues What if the process being exploited doesn't have NTDLL.DLL loaded into memory? If the exploited function is like.. strcpy() then there will be the problem of null bytes. LoadLibrary will require null terminated string as parameter.