Jelly Bean brings full ASLR (Address Space Layout Randomization) implementation to the operating system. ASLR simply randomizes where memory processes get mapped, so attackers can only guess where their malicious payloads will end up. As Jon Oberheide of Duo Security told Security Watch, their odds go from 1 in 2 to “maybe 1 in 1000.” Every wrong guess could lead to the app crashing, and the user uninstalling the app, thus dramatically reducing the chances of a successful exploit.
(Curated by Dennis Moore. Read the complete article here)