Thursday, December 11, 2014

New security feature - Control Flow Guard (CFG) - available in Visual Studio 2015 Preview

This blog announced that the Preview for Visual Studio 2015 includes a new, work-in-progress feature, called Control Flow Guard (CFG). 

It says:
"Whilst compiling and linking code, it analyzes and discovers every location that any indirect-call instruction can reach. It builds that knowledge into the binaries (in extra data structures). It also injects a check, before every indirect-call in your code, that ensures the target is one of those expected, safe, locations. If that check fails at runtime, the Operating System closes the program."

I will evaluate this, e.g. performance impact and effectiveness against JOP/ROP attacks, when I'm free, and update this post then :-)
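A simplified model of the check the quoted announcement describes, as an added example that is not part of the original post and is not Microsoft's implementation. The bitmap representation, the 16-byte slot size, the 4 KiB image and the function offsets are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed model: code lives in a 4 KiB "image" and every function is
   identified by its offset (RVA) inside that image. */
#define IMAGE_SIZE 4096u
#define SLOT       16u   /* assumed granularity: one bit per 16 bytes */

typedef int (*fn_t)(int);
static int add_one(int x) { return x + 1; }
static int twice(int x)   { return x * 2; }

/* Constructed layout: what the compiler and linker know at build time. */
static const struct { uint32_t rva; fn_t fn; } functions[] = {
    { 0x100, add_one }, { 0x240, twice },
};
#define NFUNCS (sizeof functions / sizeof functions[0])

/* Stand-in for the "extra data structures" built into the binary. */
static uint8_t bitmap[IMAGE_SIZE / SLOT / 8];

/* Build step: mark every legitimate indirect-call target. */
static void build_bitmap(void) {
    for (size_t i = 0; i < NFUNCS; i++) {
        uint32_t slot = functions[i].rva / SLOT;
        bitmap[slot / 8] |= (uint8_t)(1u << (slot % 8));
    }
}

/* Injected check: constant-time lookup; 1 = allowed, 0 = rejected. */
static int check_icall(uint32_t rva) {
    if (rva >= IMAGE_SIZE || rva % SLOT != 0) return 0;
    uint32_t slot = rva / SLOT;
    return (bitmap[slot / 8] >> (slot % 8)) & 1;
}

/* Guarded indirect call: validate first, terminate the process on failure. */
static int guarded_call(uint32_t rva, int arg) {
    if (!check_icall(rva)) abort();
    for (size_t i = 0; i < NFUNCS; i++)
        if (functions[i].rva == rva) return functions[i].fn(arg);
    abort();
}

int main(void) {
    build_bitmap();
    printf("%d %d %d\n", guarded_call(0x240, 21),
           check_icall(0x244), check_icall(0x300));
    return 0;
}
```

The check runs before the call, so a pointer overwritten with an offset that is not a recorded function entry (0x244 or 0x300 here) never receives control.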

MJ0011, "Windows 10 Control Flow Guard Internals"

