Microsoft's Security Tool Includes Defenses Inspired by BlueHat Finalist

Microsoft released the technology preview of a new security toolkit that uses defenses inspired by one of the contestants of its BlueHat Prize security competition, the company said on Wednesday.

The tool includes protection against return-oriented programming (ROP) attacks, an advanced technique attackers use to combine short pieces of valid code already present in a system for a malicious purpose, Microsoft said. The defense against those kind of attacks was developed by Ivan Fratric, a researcher at the University of Zagreb, Croatia, who earned a Ph. D. in computer science.

Fratric submitted a security tool called ROPguard to the BlueHat competition, which is software that aims to hinder return-oriented programming attacks by defining a set of checks that can be used to detect when certain functions are being called in the context of malicious ROP code, Microsoft said. Fratric's defense system can help protect against attacks that exploit memory safety vulnerabilities, the company added.

Microsoft's Trustworthy Computing Group released a technology preview of the Enhanced Mitigation Experience Toolkit (EMET) 3.5 on Wednesday that includes ROP defenses "inspired by" Fratric's ROPguard. The technology was integrated in EMET within three months, and the addition helps make software significantly more resistant to exploitation, Microsoft said in a news release, adding that Fratric helped incorporate the technology into EMET.

The BlueHat Prize is a competition that aims to entice researchers to develop defensive technologies by awarding more than $250,000 in cash and prizes. The competition was launched at last year's BlackHat security conference in Las Vegas and closed on April 1, 2012. Microsoft has yet to determine if Fratric, who is one of three finalists, will receive the grand prize of $200,000. It plans to announce the winner on Thursday.

Subscribe to the Security Watch Newsletter

Comments