Microsoft's security toolkit uses defenses inspired by BlueHat finalist

The Enhanced Mitigation Experience Toolkit 3.5 helps protect against return-oriented programming attacks

Microsoft released the technology preview of a new security toolkit that uses defenses inspired by one of the contestants of its BlueHat Prize security competition, the company said on Wednesday.

The tool includes protection against return-oriented programming (ROP) attacks, an advanced technique attackers use to combine short pieces of valid code already present in a system for a malicious purpose, Microsoft said. The defense against those kinds of attacks was developed by Ivan Fratric, a researcher at the University of Zagreb, Croatia, who earned a Ph. D. in computer science.

[ Security expert Roger A. Grimes offers a guided tour of the latest threats and explains what you can do to stop them in "Fight Today's Malware," InfoWorld's Shop Talk video. | Keep up with key security issues with InfoWorld's Security Adviser blog and Security Central newsletter. ]

Fratric submitted a security tool called ROPguard to the BlueHat competition, which is software that aims to hinder ROP attacks by defining a set of checks that can be used to detect when certain functions are being called in the context of malicious ROP code, Microsoft said. Fratric's defense system can help protect against attacks that exploit memory safety vulnerabilities, the company added.

Microsoft's Trustworthy Computing Group released a technology preview of the Enhanced Mitigation Experience Toolkit (EMET) 3.5 on Wednesday that includes ROP defenses "inspired by" Fratric's ROPguard. The technology was integrated in EMET within three months, and the addition helps make software significantly more resistant to exploitation, Microsoft said in a news release, adding that Fratric helped incorporate the technology into EMET.

The BlueHat Prize is a competition that aims to entice researchers to develop defensive technologies by awarding more than $250,000 in cash and prizes. The competition was launched at last year's BlackHat security conference in Las Vegas and closed on April 1, 2012. Microsoft has yet to determine if Fratric, who is one of three finalists, will receive the grand prize of $200,000. It plans to announce the winner on Thursday.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies