引用
MSDN:
Control Flow Guard (CFG) is a highly-optimized platform security
feature that was created to combat memory corruption vulnerabilities.
By placing tight restrictions on where an application can execute code
from, it makes it much harder for exploits to execute arbitrary code
through vulnerabilities such as buffer overflows.We
strongly encourage developers to enable CFG for their applications.
You don’t have to enable CFG for every part of your code, as a mixture
of CFG enabled and non-CFG enabled code will execute fine. But failing
to enable CFG for all code can open gaps in the protection.
Furthermore, CFG enabled code works fine on “CFG-Unaware” versions of
Windows and is therefore fully compatible with them.
那我什么时候不启用呢?
或者换句话说,在启用它之前,我需要检查一下我的代码,有什么风险?
最佳答案 看起来它让程序运行得更慢.但他们并没有透露多少.文章的简单语言表明所有间接调用现在都通过内核?如果这是真的,那真的是灾难性的.