引用
MSDN:
Control Flow Guard (CFG) is a highly-optimized platform security
feature that was created to combat memory corruption vulnerabilities.
By placing tight restrictions on where an application can execute code
from,it makes it much harder for exploits to execute arbitrary code
through vulnerabilities such as buffer overflows.
We
strongly encourage developers to enable CFG for their applications.
You don’t have to enable CFG for every part of your code,as a mixture
of CFG enabled and non-CFG enabled code will execute fine. But failing
to enable CFG for all code can open gaps in the protection.
Furthermore,CFG enabled code works fine on “CFG-Unaware” versions of
Windows and is therefore fully compatible with them.
那我什么时候不启用呢?
或者换句话说,在启用它之前,我需要检查一下我的代码,有什么风险?
