Should I enable Force randomization for images (Mandatory ASLR) for Firefox 52.5.3 ESR?
In new Windows 10's exploit protection, iexplore.exe and Office programs have this setting enabled by default. Is there any benefit in enabling the same system override setting for Firefox.exe ?
Force randomization for images (Mandatory ASLR) and Firefox
- tbdkqjyjkyk
- Posts: 95
- Joined: October 30th, 2006, 1:38 pm
Force randomization for images (Mandatory ASLR) and Firefox
Last edited by tbdkqjyjkyk on January 5th, 2018, 10:59 am, edited 2 times in total.
-
- Posts: 4480
- Joined: March 19th, 2005, 10:51 am
Re: Force randomization for images (Mandatory ASLR) and Fire
ASLR is OS dependent, but common current OS can do and firefox will use.
https://sourceforge.net/projects/processhacker/
https://sourceforge.net/projects/processhacker/
not relevant. since xp present, even stronger since win8.In new Windows 10's exploit protection
- tbdkqjyjkyk
- Posts: 95
- Joined: October 30th, 2006, 1:38 pm
Re: Force randomization for images (Mandatory ASLR) and Fire
Brummelchen wrote:ASLR is OS dependent, but common current OS can do and firefox will use.
https://sourceforge.net/projects/processhacker/
not relevant. since xp present, even stronger since win8.In new Windows 10's exploit protection
looks like you have not seen the new user settings in Windows 10 v1709. see the screenshots I added, they are all default settings.
question is, like iexplore.exe, should I add the same system override setting for Firefox ?
-
- Posts: 4480
- Joined: March 19th, 2005, 10:51 am
Re: Force randomization for images (Mandatory ASLR) and Fire
exploit protection is like any exploit protection with injecting modules.
forcing is not new what i tried to tell you
https://computernewagedotcom.files.word ... ening1.png
firefox can use it on current systems -> NO NEED to force
THATS why i linked process hacker for you - you should use it!
forcing is in common for older programs.
but yes, my win10 ltsb is still 1603 as ltsb should be. but that is not relevant for forcing aslr.
"mandatory aslr" explained
https://blogs.technet.microsoft.com/srd ... tory-aslr/
aslr is same important as DEP and CFG is the goal (chrome already using)
integrity to mention -> sandboxing.
forcing is not new what i tried to tell you
https://computernewagedotcom.files.word ... ening1.png
firefox can use it on current systems -> NO NEED to force
THATS why i linked process hacker for you - you should use it!
forcing is in common for older programs.
but yes, my win10 ltsb is still 1603 as ltsb should be. but that is not relevant for forcing aslr.
"mandatory aslr" explained
https://blogs.technet.microsoft.com/srd ... tory-aslr/
aslr is same important as DEP and CFG is the goal (chrome already using)
integrity to mention -> sandboxing.