HomeWinBuzzer NewsMicrosoft Hardware-Enforced Stack Protection Arrives on Windows

Microsoft Hardware-Enforced Stack Protection Arrives on Windows

Hardware-enforced Stack Protection allows users to protect their apps by leveraging their CPU. It is currently in preview.

-

has this week announced “Hardware-enforced Stack Protection,” a new security tool for . According to the company, the feature will allow apps to tap into the local CPU to protect their code when running on system memory.

This area of the CPU is called the (memory) stack and the new tool will help protect this when code is being stored by an application. Hardware-enforced Stack Protection protects the stack by adding management restrictions through modern CPU hardware and shadow stacks.

We were not familiar with shadow stacks, but Microsoft describes them are copies of an app's intended execution order. With the feature, the system will access security features in CPUs to make a copy of the app shadow stack.

Microsoft explains how this will work:

“Hardware-enforced Stack Protection offers robust protection against ROP exploits since it maintains a record of the intended execution flow of a program. To ensure smooth ecosystem adoption and application compatibility, Windows will offer this protection as an opt-in model, so developers can receive this protection, at your own pace.”

Currently in Preview

In other words, the service will stop malware from accessing and taking control of an app at its code base. Hari Pulapaka, manager for the Kernel Group, says the tool is currently on the Fast Ring on the Inside and is still in early development.

“In order to receive Hardware-enforced stack protection on your application, there is a new linker flag which sets a bit in the PE header to request protection from the kernel for the executable,” Pulapaka explained in a blog post.

“If the application sets this bit and is running on a supported Windows build and shadow stack-compliant hardware, the Kernel will maintain shadow stacks throughout the runtime of the program,” the Microsoft adds.

SourceMicrosoft
Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News