The results of this analysis show that at least one aspect of ASLR’s implementation did not perform as expected. Symantec found that one of the randomized components was not randomized consistently, resulting in a reduced degree of randomness in the layout of an application’s memory. While ASLR continues to be effective, this reduction does increase the likelihood that an attacker can guess the correct address to target.
Microsoft has confirmed Symantec’s research findings and resolved the issue highlighted. These
shortcomings are due to be addressed in Windows Vista SP1.