This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Windows Defender Exploit Guard

From: Erik Bray <erik dot m dot bray at gmail dot com>
To: cygwin at cygwin dot com
Date: Wed, 10 Jan 2018 11:47:41 +0100
Subject: Windows Defender Exploit Guard
Authentication-results: sourceware.org; auth=none

Hi all,

I've seen some reports, and encountered some problems myself, with the
new "Windows Defender Exploit Guard" [1] w.r.t. Cygwin.  This enables
a number of anti-exploit protections, at least some of which might be
a problem for Cygwin--in particular "Force randomization for images
(Mandatory ASLR)" as the name suggests forces address space
randomization even for DLLs, for example, with a fixed image base.
Possibly some others are also a problem for Cygwin but I'm not sure.

Fortunately, these settings can be customized on a per-executable
basis, and this can be done programmatically with powershell:
https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/customize-exploit-protection

Maybe for Cygwin we will want to include something like a companion
script to rebase that applies the necessary exploit protection
exceptions for Cygwin binaries... :(

Best,
Erik

[1] https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]