Update exploit-protection-reference.md

denisebmsft · denisebmsft · commit 34ee3ab6617c · 2024-11-15T11:26:32.000-08:00
diff --git a/defender-endpoint/exploit-protection-reference.md b/defender-endpoint/exploit-protection-reference.md
@@ -286,7 +286,7 @@ This mitigation specifically blocks any binary that isn't signed by Microsoft. A
 
 ### Description
 
-Control flow guard (CFG) mitigates the risk of attackers using memory corruption vulnerabilities by protecting indirect function calls. For example, an attacker may use a buffer overflow vulnerability to overwrite memory containing a function pointer, and replace that function pointer with a pointer to executable code of their choice (which may also have been injected into the program).
+Control flow guard (CFG) mitigates the risk of attackers using memory corruption vulnerabilities by protecting indirect function calls. For example, an attacker might use a buffer overflow vulnerability to overwrite memory containing a function pointer, and replace that function pointer with a pointer to executable code of their choice (which could also be injected into the program).
 
 This mitigation is provided by injecting another check at compile time. Before each indirect function call, another instructions are added which verify that the target is a valid call target before it's called. If the target isn't a valid call target, then the application is terminated. As such, only applications that are compiled with CFG support can benefit from this mitigation.
 
