AMD has been accused of making Windows unsafe, thanks to graphics drivers that fail to operate when Address Space Layout Randomisation (ASLR) is enabled.

Introduced by Microsoft to guard against code execution through buffer overflow attacks, ASLR works by shuffling the memory map and storing critical resources in a pseudorandom location. The result: if an attacker attempts to overwrite a specific section of memory with a buffer overflow or similar attack, that memory location will be different on each targeted system.

Combined with Data Execution Prevention (DEP), which marks sections of memory containing program data as non-executable to minimise the risk of a buffer overflow writing to an area of memory which can then be executed as a program, ASLR is an effective defence against many forms of attack.

Unlike DEP, however, ASLR is disabled by default and only activated by manually toggling a registry key marked 'unsafe' or using Microsoft's optional Exploit Mitigation Experience Toolkit (EMET) add-on. Doing so on systems with AMD graphics cards, however, has an unwanted side-effect: system crashes.

According to a vulnerability notice published by the US Computer Emergency Readiness Team (US-CERT) late yesterday, AMD's graphics drivers are incompatible with ASLR and cause blue-screens when the functionality is enabled. Drivers for graphics boards from rival Nvidia, and those designed for Intel's integrated graphics systems, work fine with ASLR.

According to US-CERT's analysis, the result is that systems are ill-secured against attack. Worse, a feature which should be activated by default in order to provide the most security is disabled and hidden - leaving Microsoft with the blame for security breaches it has already coded protection against.

US-CERT's advice is clear: for server systems with AMD graphics hardware, where video performance is a non-issue, users should consider moving to generic VGA drivers which fully support ASLR. For other users, who specifically bought the AMD graphics board for 3D tasks and intend to use it to its full advantage, US-CERT has only one suggestion: 'If the video adapter on your system is not compatible with EMET "Always on" ASLR, consider using a different video adapter that has ASLR compatible drivers.'


View this in the forums