I'm writing my program in VS2010 and the build target is .NET 4. I believe that the DEP compatibility flag is on by default. Is that true?
Is .NET also compatible by default with ASLR, and is ASLR turned on by default for my process, or do I have to request it at runtime?
Yes, the NXCOMPAT flag is turned on by the standard .NET language compilers since .NET 2.0 SP1.
ASLR is essentially automatic in .NET programs by virtue of the JIT compiler. Where it will place the JIT compiled machine code is unpredictable. Albeit that it will likely be repeatable on the exact same machine with the exact same revision number of the CLR and the exact same flow of the startup code and the exact same DLLs getting injected into the process. Not easily targetable by malware though. The ngen-ed .NET assemblies support ASLR since the .NET 3.5 SP1 release.
Much more powerful is the ASLR for data, the more essential counter-measure against attacks. Important because the vast majority of attacks start with malicious data. Every time you start your program, the location of stack of a thread, the GC heap and static data changes. Can be quite painful of you are trying to debug an AVE btw.
ASLR protects against known unpatchable security flaws. The security flaw has to exist first, uncommon in verifiable code.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With