Microsoft's Use-After-Free Mitigations Can Be Bypassed

Microsoft's Use-After-Free Mitigations Can Be Bypassed

UAF vulnerabilities can be highly dangerous and regular anti-virus solutions are not very efficient when it comes to protect against such memory corruption exploits. Low-level operating system protections are much more efficient, but they’re not perfect either.

UAF exploits and mitigations

One of the most problematic memory corruption exploits is return-oriented programming (ROP), a code reuse technique often employed by attackers to disable protections such as Data Execution Prevention (DEP). Microsoft has implemented some anti-ROP mitigations in its Enhanced Mitigation Experience Toolkit (EMET), but as researchers demonstrated on numerous occasions, the security tool can be bypassed...