Ticket #10273 (reopened enhancement)
VirtualBox Support for ASLR
|Reported by:||DNS||Owned by:|
Windows Vista has introduced new memory security protections, such as DEP/NX, ASLR (Address Space Layout Randomization) and Heap Corruption Detection, which help to block exploits of common vulnerabilities. Unfortunately VirtualBox still is not compiled to take advantage of these security features. While VirtualBox's code doesn't exhibit any weaknesses, it would be beneficial to be able to use these OS security enhancements as a backstop in the event that the hypervisor is exploited.
There are also reports of there being a similar incompatibility between VirtualBox and ASLR implementations in Linux as well.
Currently, forcing these OS protection settings for VirtualBox's processes causes random and complete system halts. Support for ASLR is easy to accomplish and could probably make it into the next release as all that is needed for it to work is the turning on of a bit in the executable.