Microsoft"s use of code-scrambling diversity to secure Windows Vista is getting crucial support from OEM partners. The Redmond, Wash. software giant has convinced major U.S. computer makers—including Dell, Gateway and Hewlett-Packard—to make default changes at the BIOS level to allow a new Vista security feature called ALSR (Address Space Layout Randomization) to work properly.
ASLR, which is used to randomly arrange the positions of key data areas to block hackers from predicting target addresses, is meant to make Windows Vista more resilient to virus and worm attacks. However, for randomization to be effective, DEP/NX (Data Execution Prevention/No eXecute) must be enabled by default.
During a three-day conference to in November 2006, Microsoft security program manager Michael Howard said he pleaded with OEMs to enable DEP/NX in the BIOS by default on all their shipping PCs in time for Windows Vista.