I'm assuming that only security-conscious people ever consider using mandatory ASLR system-wide. In the past it's been problematic. https://insights.sei.cmu.edu/cert/2012/06/amd-video-drivers-prevent-the-use-of-the-most-secure-setting-for-microsofts-exploit-mitigation-exper.html … But for those of us who have been using it since before Windows 8, this is a rude awakening!
-
-
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
System-wide mandatory ASLR via EMET on Windows 8+ & WDEG will provide entropy so long as the EXE has been linked with dynamicbase. If the EXE is not dynamicbase, you must enable bottom-up ASLR for entropy. The mechanism used for system-wide mandatory ASLR changed between 7 and 8.
-
How does one enable bottom-up ASLR system-wide on Windows 8+ ?
- 2 more replies
New conversation -
-
-
So it's not really ASLR or?
-
For programs that don't opt in to ASLR, Windows 8.0 and later relocates them to a fixed address, as opposed to being randomized. Which sort of defeats the purpose of Mandatory ASLR in the first place (forcing ASLR). So right... not really ASLR.
- 2 more replies
New conversation -
-
-
The "more details" as promised: Windows 8.0 and later fail to properly randomize all applications if system-wide mandatory ASLR is enabled via EMET or Windows Defender Exploit Guardhttps://www.kb.cert.org/vuls/id/817544
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
At least for programs in WDEG, there's two ASLR options- the randomize, and the bottoms up option- are both of those in the same boat here?
-
Program-specific mitigations still work fine in EMET and WDEG. It's the system-wide setting that doesn't work as expected. The point of system-wide mitigations is that you don't know what needs to be protected ahead of time. Who knew about eqnedt32.exe until now?
End of conversation
New conversation -
-
-
Address Space Layout ... Rearrangement?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
WTF
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.