You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/exploit-protection-reference.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -366,7 +366,7 @@ This mitigation prevents an application from creating new child applications. A
366
366
367
367
### Compatibility considerations
368
368
369
-
If your application launches child applications for any reason, such as supporting hyperlinks that launch a browser or an external browser, or which launch other utilities on the computer, this functionality will be broken with this mitigation applied.
369
+
If your application launches child applications for any reason, such as supporting hyperlinks that launch a browser or an external browser, or which launch other utilities on the computer, this functionality is broken with this mitigation applied.
370
370
371
371
### Configuration options
372
372
@@ -382,7 +382,7 @@ Export address filtering (EAF) mitigates the risk of malicious code looking at t
382
382
- kernelbase.dll
383
383
- kernel32.dll
384
384
385
-
The mitigation protects the memory page in the [export directory that points to the [export address table](/windows/win32/debug/pe-format#export-address-table). This memory page will have the [PAGE_GUARD](/windows/win32/memory/creating-guard-pages) protection applied to it. When someone tries to access this memory, it generates a STATUS_GUARD_PAGE_VIOLATION. The mitigation handles this exception, and if the accessing instruction doesn't pass validation, the process is terminated.
385
+
The mitigation protects the memory page in the [export directory that points to the [export address table](/windows/win32/debug/pe-format#export-address-table). This memory page has the [PAGE_GUARD](/windows/win32/memory/creating-guard-pages) protection applied to it. When someone tries to access this memory, it generates a STATUS_GUARD_PAGE_VIOLATION. The mitigation handles this exception, and if the accessing instruction doesn't pass validation, the process is terminated.
386
386
387
387
### Compatibility considerations
388
388
@@ -433,11 +433,11 @@ This compatibility impact of ASLR is typically constrained to older applications
433
433
434
434
### Description
435
435
436
-
Hardware-enforced stack protection offers robust protection against ROP exploits since it maintains a record of the intended execution flow of a program. To ensure smooth ecosystem adoption and application compatibility, Windows will offer this protection as an opt-in model, so developers can receive this protection, at your own pace.
436
+
Hardware-enforced stack protection offers robust protection against ROP exploits since it maintains a record of the intended execution flow of a program. To ensure smooth ecosystem adoption and application compatibility, Windows offers this protection as an opt-in model, so developers can receive this protection, at your own pace.
437
437
438
438
### Compatibility considerations
439
439
440
-
Hardware-enforced stack protection will only work on chipsets with support for hardware shadow stacks, Intel's Control-flow Enforcement Technology (CET) or AMD shadow stacks.
440
+
Hardware-enforced stack protection only works on chipsets with support for hardware shadow stacks, Intel's Control-flow Enforcement Technology (CET) or AMD shadow stacks.
0 commit comments