3
iamrp
12d

Microsoft announced a new security feature for the Windows operating system.

According to a report of ZDNet: Named "Hardware-Enforced Stack Protection", which allows applications to use the local CPU hardware to protect their code while running inside the CPU's memory. As the name says, it's primary role is to protect the memory-stack (where an app's code is stored during execution).

"Hardware-Enforced Stack Protection" works by enforcing strict management of the memory stack through the use of a combination between modern CPU hardware and Shadow Stacks (refers to a copies of a program's intended execution).

The new "Hardware-Enforced Stack Protection" feature plans to use the hardware-based security features in modern CPUs to keep a copy of the app's shadow stack (intended code execution flow) in a hardware-secured environment.

Microsoft says that this will prevent malware from hijacking an app's code by exploiting common memory bugs such as stack buffer overflows, dangling pointers, or uninitialized variables which could allow attackers to hijack an app's normal code execution flow. Any modifications that don't match the shadow stacks are ignored, effectively shutting down any exploit attempts.

Comments
  • 2
    "where an app's code is stored during execution"
    *sigh*
  • 2
  • 5
    Just don’t eat my bandwidth please
  • 3
    I don't see how that can possibly work.
  • 3
    > We now keep fifteen copies of the instructions, and every time one of them doesn't match we ignore it and use the original instead

    "So... you just refer to the original, then?"

    > No. We read the copies in order and only discard them when they don't match.

    "So, you're multiplying the overhead by 15?"

    > Pretty much.

    "And this is a good thing?"

    > Marketing came up with it and it sounds fucking amazing. We're gonna increase our marketshare so much!

    > 🙄
Add Comment