An analyst suspected that one of the dozen updates was released to prevent hackers from exploiting Windows 7 in the Pwn2Own contest slated to start in four weeks.Source: ComputerWorld
"I think this was a strategic move by Microsoft to prevent [researchers] from using the vulnerability as a mechanism to bypass ASLR," said Andrew Storms, director of security operations for nCircle Security, referring to the MS11-009 update that patched a bug in the JScript and VBScript scripting engines within Windows.
At Pwn2Own, which runs March 9-11 at the CanSecWest security conference, attackers armed with unpatched vulnerabilities and corresponding exploits will try to hack browsers running on Windows 7. To do so, they must sidestep ASLR -- for "address space layout randomization" -- one of Windows 7's two anti-exploit technologies.
Microsoft fixes total of 22 security flaws
Posted on Wednesday, February 09 2011 @ 19:14 CET by Thomas De Maesschalck