ED 310: Windows Mitigations (20 pts)

What You Need

  1. No particular system: this is a reading-only assignment.
Read Part 1 of this paper:

Bypassing Browser Memory Protections

Answer these questions to record your success:

310.1 What pragma makes Microsoft's compiler use a stack cookie even for functions without long strings? (2 pts)

310.2 What linker option prevents attackers from placing an address in the exception handler that points to the stack? (2 pts)

310.3 How large is the key used to encrypt heap metadata in Vista? (2 pts)

310.4 How many possible memory locations are used for an EXE in Windows Vista? (2 pts)

310.5 What is the second protection bit in a Windows page table entry? (2 pts)

Posted 4-5-19
Revised for WCIL 5-20-19