Sense of Wonder | The demise of stack based buffer overflow exploits?

David Cerezo's Weblog

Thu 12-02-2004 09:14 PM

The demise of stack based buffer overflow exploits?

    The most common form of buffer overflow exploit is the stack-based buffer overflow exploit. When one is found, programmers are to blame. Actually, they’re the result of a combination of calamitous circumstances:

  • processors without enough bits to properly mark pages
  • too permissive and naive programming languages
  • compilers of insecure languages generating unhardened code
  • operating systems without countermeasures
  • and, finally, the ignorant programmer
    Through the ’90s, a number of countermeasures emerged (no rocket science here):

    Some of the previous countermeasures have resulted in some hardened operating systems:

    Some argue that all the previous protections deplete resources and can easily be bypassed ("Defeating the Stack Based Buffer Overflow Prevention Mechanism of Microsoft Windows 2003 Server", "Bypassing StackGuard and StackShield"), but the real goal is to prevent exploitation with cut-and-paste shellcodes and to make stack-based buffer overflows harder to exploit.

    Looking to the future, Windows 2003 uses the hardware-based protection of the latest processors (AMD's Execution Protection and Intel Itanium), which feature more bits to properly mark pages as non-executable. This and the .NET platform will deter hackers from exploiting stack-based buffer overflows, but without quantitative data on the number and percentage of these exploits over time, which I’ve been unable to find and I'm almost sure doesn't exist, nothing will be learned about the impact of these security technologies.
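To make concrete the StackGuard-style check the post alludes to, here is an added example written for this page (not code from the post, from StackGuard or from any compiler): a simulated stack frame with a canary word between the local buffer and the saved return address, and the epilogue check that detects when an unbounded copy has overrun the buffer. The frame layout, the canary value and the input strings are all constructed for the example.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Simulated stack frame: a fixed-size local buffer, then the canary word,
   then the saved return address. A real compiler places the canary between
   the locals and the saved frame pointer/return address in the same way. */
struct frame {
    char     buf[16];
    uint32_t canary;
    uint32_t saved_ret;
};

/* Constructed constant; a real implementation draws the canary randomly
   at process start so an attacker cannot predict and rewrite it. */
#define CANARY_VALUE 0xAFF0A2C1u

/* Models an unbounded copy such as strcpy into buf. Writing through a byte
   pointer to the whole struct keeps the behaviour defined in C while still
   letting a long input spill past buf into canary and saved_ret. */
static void unchecked_copy(struct frame *f, const char *src, size_t len) {
    unsigned char *raw = (unsigned char *)f;
    if (len > sizeof *f) len = sizeof *f;   /* stay inside the simulated frame */
    memcpy(raw, src, len);
}

/* The StackGuard epilogue check: 1 if the canary is intact, 0 if clobbered. */
int canary_intact(const struct frame *f) {
    return f->canary == CANARY_VALUE;
}

/* Simulate one call with the given input. Returns 1 if the function would
   have returned normally, 0 if the canary check would have aborted. */
int simulate_call(const char *input, size_t len) {
    struct frame f;
    memset(&f, 0, sizeof f);
    f.canary = CANARY_VALUE;
    f.saved_ret = 0x08048000u;   /* constructed placeholder address */
    unchecked_copy(&f, input, len);
    return canary_intact(&f);
}

int main(void) {
    const char *longin = "AAAAAAAAAAAAAAAAAAAAAAAA";   /* 24 bytes, overruns buf */
    printf("short input: %s\n", simulate_call("hello", 5) ? "ok" : "ABORT");
    printf("long input:  %s\n", simulate_call(longin, 24) ? "ok" : "ABORT");
    return 0;
}
```

The check only fires in the epilogue, so the overwrite itself still happens; the point of the canary is that control never reaches the corrupted return address.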