1. The hacker writes malicious code into memory but it doesn’t do anything until it’s executed
2. The hacker wants to set the return pointer to point to the malicious code so that the computer will execute that malicious code
3. If the address space is randomized, then it’s harder to know where the malicious code got stored in memory so it’s harder to get the victim’s computer to execute it
Latest Answers