Windows ASLR Vulnerability !!
by CIRT Team
Description: Windows 8 and later fail to properly randomize every application if system-wide mandatory ASLR is enabled via EMET or Windows Defender Exploit Guard.
Microsoft Windows 8 introduced a change in how system-wide mandatory ASLR is implemented. This change requires system-wide bottom-up ASLR to be enabled for mandatory ASLR to receive entropy. Tools that enable system-wide ASLR without also setting bottom-up ASLR will fail to properly randomize executables that do not opt in to ASLR.
Impact: A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Mitigation: Review CERT/CC #817544 and apply the necessary workaround until a patch is released.