Prevx and DEP/ASLR

I just read this article about most AV software ignoring and not using these 2 built in security features from Windows. I was wondering if Prevx uses these features and what their point of view is for using these for augmenting a security program's self-defense.

 

Yes, PrevX uses these features as you can see easily from the attached screenshot from a Sysinternals Process Explorer window (same tool that the author of mentioned article used). If you want to try it yourself i. e. for checking other software please make sure that you run Process Explorer with Adminstrator privileges otherwise the result might be incorrect. I found this hint in an article on www.heise.de (hompage of publisher of german PC magazine C't)



The screenshot is form a machine running Win 7 x64, but I guess that the protection for PrevX is enabled in all windows versions starting with Win XP because older versions neither offer DEP nor ASLR as was mentioned in the article you linked to.

Best regards,

mHazweiO

 

You'd need to check all the DLL files to make it a valid test, not just the executable. (Yes some software developers so far have only secured their executables.)

 

Prevx does not use any external DLLs (outside of the OS DLLs, of course) within its main operation so you'll be completely safe by default

 

Good to hear!

 

thanks for your replies