Windows Defender Exploit Guard
Erik Bray
erik.m.bray@gmail.com
Wed Jan 10 10:47:00 GMT 2018
Hi all,
I've seen some reports, and encountered some problems myself, with the
new "Windows Defender Exploit Guard" [1] w.r.t. Cygwin. This enables
a number of anti-exploit protections, at least some of which might be
a problem for Cygwin--in particular "Force randomization for images
(Mandatory ASLR)" as the name suggests forces address space
randomization even for DLLs, for example, with a fixed image base.
Possibly some others are also a problem for Cygwin but I'm not sure.
Fortunately, these settings can be customized on a per-executable
basis, and this can be done programmatically with powershell:
https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/customize-exploit-protection
Maybe for Cygwin we will want to include something like a companion
script to rebase that applies the necessary exploit protection
exceptions for Cygwin binaries... :(
Best,
Erik
[1] https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list