High entropy ASLR compatibility disabled, not large address aware
ID PE018 Level WARNING Category Security
Description
The executable is not marked large address aware, which limits the address space to 3Gb only and makes some exploitation techniques easier. The executable also has the 64-bit ASLR (address space layout randomization) mitigation disabled. High entropy ASLR is more effective in mitigating memory corruption vulnerabilities.
Mitigation
If using Visual C++:
- Pass the
/LARGEADDRESSAWAREoption to the linker when building the executable. - Pass the
/HIGHENTROPYVAoption to the linker when building the executable.
Arguments
This rule has no output arguments.
Loading...
Unable to load this documentation page.