Abstract: Embodiments described herein provide for virtual machine (VM) based exploit mitigation techniques that can be used to harden web content frameworks and JavaScript Engines. Some embodiments described herein are also generally applicable to other system frameworks, libraries, and program code that executes on a processor that is vulnerable to an attack using a security exploit. Program code that implements the techniques described herein can prevent the use of security exploit attacks to bypass security properties within the program code.

Abstract: In an embodiment, dynamically-generated code may be supported in the system by ensuring that the code either remains executing within a predefined region of memory or exits to one of a set of valid exit addresses. Software embodiments are described in which the dynamically-generated code is scanned prior to permitting execution of the dynamically-generated code to ensure that various criteria are met including exclusion of certain disallowed instructions and control of branch target addresses. Hardware embodiments are described in which the dynamically-generated code is permitted to executed but is monitored to ensure that the execution criteria are met.

Abstract: In an embodiment, dynamically-generated code may be supported in the system by ensuring that the code either remains executing within a predefined region of memory or exits to one of a set of valid exit addresses. Software embodiments are described in which the dynamically-generated code is scanned prior to permitting execution of the dynamically-generated code to ensure that various criteria are met including exclusion of certain disallowed instructions and control of branch target addresses. Hardware embodiments are described in which the dynamically-generated code is permitted to executed but is monitored to ensure that the execution criteria are met.

Abstract: A computer computes an SSID and a key from a string. The computer wirelessly accesses a wireless-access-device preconfigured with the SSID and the key.

Abstract: Methods of maintaining a database of patch data for a system include parsing differences between a posted update and a previously posted update, prioritizing patch data from the posted update and a plurality of additional sources, and supplementing patch data in the database for the posted update based on parsed differences and the plurality of additional sources.

Abstract: A computer computes an SSID and a key from a string. The computer wirelessly accesses a wireless-access-device preconfigured with the SSID and the key.

Abstract: A method, system, and apparatus for loading and managing tasks within a process instance on a computer system. The present embodiment novelly distinguishes groups of threads as a task and manages the execution of the threads in the task in the manner specified in a configuration file. The configuration file contains names of tasks and configuration information associated with each task. For example the order of execution of tasks may be defined to depend on the progress of the execution, such as the state, of one or more other tasks. The termination of a single task or multiple tasks may be managed by the present embodiment. The output from a task may be directed to a computer-based input/output (I/O) device, such as a monitor, or to a file, or may be discarded.

Abstract: A system and method for profiling the execution of a software library used by an application, creating an optimized library based on the profiling, and updating to the optimized library without halting the application. The application is running using an unoptimized version of a replaceable library. The replaceable library is profiled while being used by the application and produces a set of profile data. The profile data, generated by actual execution of the replaceable library on the end-user application, is used to create an optimized version of the library. The application can then update from the unoptimized version of the library to the optimized version of the library. The invention also allows for a system with several applications, each using a different version of an optimized library simultaneously, each optimized version of the library custom optimized for the application using it.

Abstract: A system for managing the memory of a software component, such as a software library, such that the state of the software component is preserved after an update to the software component. There are two special types of memory allocated within the software component: transient memory and enduring memory. Memory needed to be preserved between two calls of the library is allocated as enduring memory. Transient memory persists until it is freed or when the software component is deleted, whichever comes first. Upon updating to a new version of a software component, the transient memory is released, while the enduring memory is preserved for use by the new version.

Abstract: The invention describes a hierarchical registry for allowing multiple applications to use different versions of a software component on the same system. Each version of a software component has a base entry in the registry. Each base entry has rules, one of which must be met to use version of the software component corresponding to that base entry. The registry may also have a default base entry, which is used if no other base entry has one of its rules met. Each rule may have several criteria, all of which must be met to satisfy that rule. Each base entry may be marked as deleted rendering the corresponding version of the software component inaccessible except by applications currently accessing the version marked as deleted.

Abstract: A system for changing a software library during the execution of a software application using the software library. The software application interfaces to the software library only through the use of an interface library, to ensure that the software application does not directly bind with the software library. With no direct binding the software library can be updated during runtime without the software application re-resolving the location of the software library. The update is triggered by a change of the version number in a registry. The program correctness is maintained by library management services ensuring that the software library is no longer in use by the application before updating to the new library. Memory management services are used to ensure that the state of the library is maintained between the old and the updated versions of the software library.