Does anyone have a good reference for PROCESS_CREATION_MITIGATION_POLICY_PROHIBIT_DYNAMIC_CODE_ALWAYS_ON_ALLOW_OPT_OUT?
-
-
Replying to @berendjanwever
I can't seem to find any documentation that describes what this does and I'd much rather know than guess.
1 reply 0 retweets 0 likes -
Replying to @berendjanwever
One of
@epakskape talks? It sets a flag in the current thread using SetInformationThread which disables the checkhttps://github.com/Microsoft/ChakraCore/blob/master/lib/Common/Memory/VirtualAllocWrapper.cpp …1 reply 0 retweets 1 like -
Replying to @tiraniddo @epakskape
Probably :) but which? And what exactly does setting the flag do? It seems reasonably self-explanatory, but I'd like to make sure...
2 replies 0 retweets 1 like -
Replying to @berendjanwever @epakskape
It sets flag 0x40000 in the ETHREAD::CrossThreadFlags which is checked in MiArbitraryCodeBlocked before doing any executable code action.
1 reply 0 retweets 2 likes -
Extension of the code on page 24 of https://www.troopers.de/media/filer_public/f6/07/f6076037-85e0-42b7-9a51-507986edafce/the_joy_of_sandbox_mitigations_export.pdf …
1 reply 0 retweets 4 likes -
Replying to @tiraniddo @epakskape
This really is not documented by MS anywhere, is it? How are ppl to use such mitigations if they don't know they exist or how they work?
1 reply 0 retweets 1 like -
Replying to @berendjanwever @epakskape
They're not, I don't believe, they just partially document some of them. It's just
@msftsecresponse sticking stuff in for Edge.1 reply 0 retweets 1 like
Thanks a lot, that confirms and greatly expands on what I found. Sounds like they should document this so everyone can use it.
-
-
The flag is documented, though I agree the description isn't great. Will look at improving. See here:https://msdn.microsoft.com/en-us/library/windows/desktop/ms686880(v=vs.85).aspx …
0 replies 1 retweet 1 likeThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.