Process heap is always executable

ID: PE147 | Level: ERROR | Category: Security

Description

The load configuration directory of the executable has the HEAP_CREATE_ENABLE_EXECUTE heap flag set. The process default heap will always be executable, even if the DEP (Data Execution Prevention) security mitigation is enabled. This allows self-modifying code (including exploits) to execute easily, without the need to manipulate heap memory attributes.

Mitigation

If using Visual C++:

  • Make sure you do not change the ProcessHeapFlags field value in the _load_config_used symbol anywhere in the application code.
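
To confirm the result on a built binary, the ProcessHeapFlags field can be read straight from the load configuration directory. The following is an added example, not code from the tool that defines this rule: the function names and the constructed sample image are hypothetical, and the field offsets (44 for PE32, 72 for PE32+) are taken from the IMAGE_LOAD_CONFIG_DIRECTORY32/64 layouts in winnt.h.

```python
import struct

HEAP_CREATE_ENABLE_EXECUTE = 0x00040000  # heap flag from winnt.h
LOAD_CONFIG = 10                         # IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG

def process_heap_flags(pe: bytes):
    """Return ProcessHeapFlags from the load config directory, or None if absent."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]           # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsect, = struct.unpack_from("<H", pe, nt + 6)        # NumberOfSections
    opt_size, = struct.unpack_from("<H", pe, nt + 20)    # SizeOfOptionalHeader
    opt = nt + 24
    magic, = struct.unpack_from("<H", pe, opt)
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic")
    is64 = magic == 0x20B
    dirs = opt + (112 if is64 else 96)                   # data directory array
    if struct.unpack_from("<I", pe, dirs - 4)[0] <= LOAD_CONFIG:
        return None                                      # no load config slot
    rva, _ = struct.unpack_from("<II", pe, dirs + 8 * LOAD_CONFIG)
    field = 72 if is64 else 44                           # ProcessHeapFlags offset
    for i in range(nsect):                               # map RVA to file offset
        vsize, va, rsize, raw = struct.unpack_from("<4I", pe, opt + opt_size + 40 * i + 8)
        if rva and va <= rva < va + max(vsize, rsize):
            off = raw + rva - va
            if struct.unpack_from("<I", pe, off)[0] < field + 4:
                return None                              # structure too short for the field
            return struct.unpack_from("<I", pe, off + field)[0]
    return None

def heap_always_executable(pe: bytes) -> bool:
    """True when the condition this rule reports is present."""
    flags = process_heap_flags(pe)
    return flags is not None and bool(flags & HEAP_CREATE_ENABLE_EXECUTE)

def build_sample(heap_flags: int, is64: bool = False) -> bytes:
    """Constructed minimal image: headers, one section, load config only."""
    dir_off = 112 if is64 else 96
    opt = bytearray(dir_off + 16 * 8)
    struct.pack_into("<H", opt, 0, 0x20B if is64 else 0x10B)
    struct.pack_into("<I", opt, dir_off - 4, 16)         # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, dir_off + 8 * LOAD_CONFIG, 0x1000, 0x80)
    coff = struct.pack("<HHIIIHH", 0x8664 if is64 else 0x14C, 1, 0, 0, 0, len(opt), 2)
    sect = struct.pack("<8sIIII16x", b".rdata", 0x200, 0x1000, 0x200, 0x400)
    cfg = bytearray(0x200)
    struct.pack_into("<I", cfg, 0, 0x80)                 # load config Size
    struct.pack_into("<I", cfg, 72 if is64 else 44, heap_flags)
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    return (dos + b"PE\0\0" + coff + bytes(opt) + sect).ljust(0x400, b"\0") + bytes(cfg)
```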

Arguments

This rule has no output arguments.