Presented by Mark Dowd and Alexander Sotirov, of IBM and VMware, respectively, the exploit negates key security features such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), which
make it difficult to locate and execute code and data. And apparently this exploit is so broad and game changing that it
could be applied to other platforms.
Dai Zovi stressed that the techniques Dowd and Sotirov use do not rely on specific vulnerabilities. As a result, he said, there may soon be similar techniques applied to other platforms or environments.
"This is not insanely technical. These two guys are capable of the really low-level technical attacks, but this is simple and reusable," Dai Zovi said. "I definitely think this will get reused soon, sort of like heap spraying was."