JavaScript-based ASLR bypass attack simplifies browser exploits

Researchers have devised a new attack that can bypass one of the main exploit mitigations in browsers: address space layout randomization (ASLR). The attack takes advantage of how modern processors cache memory and, because it doesn’t rely on a software bug, fixing the problem is not easy. Researchers from the Systems and Network Security Group…