Fork issue on W10 WOW
Achim Gratz
Stromeko@nexgo.de
Sun Jul 15 13:25:00 GMT 2018
Marco Atzeri writes:
> In this case AVG is innocent.
> I removed all AV and the lottery is still there
Again, if the ASLR setup has been changed via registry, I wouldn't bet
that the uninstallation of the application that changed them to reset
to the defaults (if it was indeed AVG,).
> it seems the WOW64*.dll can be anywhere between
> 50000000-7F000000
Any ASLR aware library can be mapped to rather low adresses, but that
usually means it couldn't load to where it originally wanted to go. MS
actually uses this to force non-ASLR aware images to random addresses if
the corresponding option is set.
https://blogs.technet.microsoft.com/srd/2017/11/21/clarifying-the-behavior-of-mandatory-aslr/
> I will wait until 1803 is installed, download is in progress,
> before making new trials/experiments
If mandatory ASLR and bottom-up forced randomization got switched on,
that will probably result in the same behaviour. 1803 should offer
(most of) these options from some GUI tab (Security Center / App Control
/ Exploit Protection), I don't remember what 1709 had available there.
The defaults are all "on" except forced ASLR, I think.
Regards,
Achim.
--
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+
Wavetables for the Terratec KOMPLEXER:
http://Synth.Stromeko.net/Downloads.html#KomplexerWaves
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list