Dynamic base is disabled

ID PE056 Level ERROR Category Security

Description

Dynamic image base is disabled. This prevents the loader from relocating the executable and makes the executable more vulnerable to exploits. The ASLR (address space layout randomization) security mitigation is not available for executables with fixed base.

Mitigation

If using Visual C++, compile the executable with /DYNAMICBASE linker option.

For .NET images, use Visual Studio 2008 or newer.

Arguments

This rule has no output arguments.