[ Thanks to Steven J.
Vaughan-Nichols for this link. ]
“Unfortunately, Wever, using a variation of a hacking
technique he helped perfect called heap-spraying has busted DEP. In
heap-spraying, the attack code made an educated guess at where
vulnerable memory that could be used to execute unapproved programs
could be found. In Wever’s latest trick, the attacking code looks
for clues on where to find memory that’s allowed by DEP to run
programs. Once armed with this information, the attack code can
then successfully plant itself in the system.“While the attack code isn’t ready to go for any script-kiddie,
as Wever himself points out, he has given enough information on how
to defeat DEP that it’s only a matter of time before a competent
cracker uses the code to start enabling new attacks.”