ROP is Dying and Your Exploit Mitigations are on Life Support

Solarquest

Solarquest

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
Too often the defense community makes the mistake of focusing on the what, without truly understanding the why. This mindset often leads to the development of technologies that have limited effectiveness, and an even shorter shelf life. Time and again we’ve seen newly developed software protections bypassed shortly after their release. This is especially true with exploit mitigations, and Return-Oriented Programming (ROP) in particular. In short, current defenses target obsolete offensive techniques.

The offensive community has known something for a long time that I would like to share with you. ROP is dying and ROP exploit mitigations aren’t as effective as you might think.

......
By: Cody Pierce

More in the link above.
 
  • Like
Reactions: King Alpha, XhenEd, DardiM and 2 others
H

hjlbx

ROP ain't going away any time soon... so keep dem dare ROP anti-exploit softs on your systems boys.

When every body starts talking about phasing-ou ROPt anti-exploit softs - like people talk about phasing-out Flash today - then you might want to start looking around for some new strategies.

Maybe sometime within the next 10 years. By then, you'll probably have moved on past the IT security drama and debates...
 
  • Like
Reactions: XhenEd, Nightwalker, DardiM and 2 others
DJ Panda

DJ Panda

Level 30
Verified
Top Poster
Well-known
Aug 30, 2015
1,928
I don't mean to sound arrogant in any way but why have an anti exploit software if you have never encountered an exploit before or never go on crack/porn sites I ghghavent ever gotten malvertised or exploited so I don't use anti exploits (used to use MBAE for support of company) (adblocking I went for a few months and got scared that if I kept doing it YT and other sites would charge big time to site view)
 
You must log in or register to reply here.

Similar threads

Bot
    • Like
  • Locked
Teaming up in the war on tech support scams
Replies
1
Views
1,339
Microsoft Defender
Takashi94
T
L
    • Like
  • Locked
Windows Subsystem Used to Bypass Microsoft EMET
Replies
2
Views
3,238
Microsoft Defender
Deleted Member 333v73x
D
Petrovic
    • Like
  • Locked
Microsoft's Use-After-Free Mitigations Can Be Bypassed: Researcher
Replies
1
Views
1,605
News Archive
Cain
Cain

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top