Issue No. 02 - March/April (2012 vol. 10)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2012.53
Chris Rohlf , Leaf SR
Yan Ivnitskiy , Matasano Security
Any added complexity in a software system will increase the possible program states, introducing a larger attack surface and the possibility of more exploitable flaws. JIT engines, however, alter the environment in which they execute in far more interesting ways, not only through implementation flaws but also by their fundamental operation modes.
Y. Ivnitskiy and C. Rohlf, "The Security Challenges of Client-Side Just-in-Time Engines," in IEEE Security & Privacy, vol. 10, no. , pp. 84-86, 2012.