Security cookie value is not system default
ID PE015 Level ERROR Category Security
Description
The stack protection security cookie value is not the system default. This prevents the loader from replacing its value with a value from a secure random source, which may make it more predictable for an attacker. This makes it easier to exploit vulnerabilities by taking control of the execution flow when returning from a function call.
Default security cookie values:
- for x86 targets: 0xbb40e64e or 0x0000bb40;
- for x64 targets: 0x00002b992ddfa232.
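The check described above can be reproduced by hand. The Python below is an added example, not this rule's own implementation: it finds the cookie through the SecurityCookie field of the PE load configuration directory and compares the on-disk value with the defaults listed above. The function names and the lookup route are assumptions of this example.

```python
import struct
import sys

# Default cookie values as listed in the description above, keyed by optional-header magic.
DEFAULTS = {0x10B: {0xBB40E64E, 0x0000BB40},  # PE32 (x86)
            0x20B: {0x00002B992DDFA232}}      # PE32+ (x64)
LOAD_CONFIG = 10  # index of the load configuration data directory

def rva_to_offset(sections, rva):
    """Map an RVA to a file offset; None if it is not backed by raw data."""
    for vaddr, raw_size, raw_ptr in sections:
        if vaddr <= rva < vaddr + raw_size:
            return raw_ptr + (rva - vaddr)
    return None

def read_security_cookie(pe):
    """Return (cookie_value, is_default), or None if no cookie can be located."""
    if pe[:2] != b"MZ":
        raise ValueError("not a PE image")
    nt = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsect = struct.unpack_from("<H", pe, nt + 6)[0]
    opt_size = struct.unpack_from("<H", pe, nt + 20)[0]
    opt = nt + 24
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic not in DEFAULTS:
        raise ValueError("unsupported optional header")
    is64 = magic == 0x20B
    fmt, width = ("<Q", 8) if is64 else ("<I", 4)
    image_base = struct.unpack_from(fmt, pe, opt + (24 if is64 else 28))[0]
    dirs = opt + (112 if is64 else 96)
    if struct.unpack_from("<I", pe, dirs - 4)[0] <= LOAD_CONFIG:
        return None
    # Per section header: VirtualAddress, SizeOfRawData, PointerToRawData (offset 12).
    sections = [struct.unpack_from("<3I", pe, opt + opt_size + 40 * i + 12) for i in range(nsect)]
    lc = rva_to_offset(sections, struct.unpack_from("<I", pe, dirs + 8 * LOAD_CONFIG)[0])
    field = 88 if is64 else 60  # offset of SecurityCookie in the load config structure
    if lc is None or struct.unpack_from("<I", pe, lc)[0] < field + width:
        return None
    cookie_va = struct.unpack_from(fmt, pe, lc + field)[0]  # a VA, not an RVA
    off = rva_to_offset(sections, cookie_va - image_base)
    if off is None:
        return None
    value = struct.unpack_from(fmt, pe, off)[0]
    return value, value in DEFAULTS[magic]

if __name__ == "__main__" and len(sys.argv) > 1:
    with open(sys.argv[1], "rb") as f:
        print(read_security_cookie(f.read()))
```

An `is_default` of `False` corresponds to the condition this rule reports.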
Mitigation
If using Visual C++:
- Make sure you do not reference the __security_cookie or __security_cookie_complement symbols anywhere in the code.
Arguments
This rule has the following output arguments:
- cookie_value: Security cookie value used in the executable