Prevx and DEP/ASLR

Discussion in 'Prevx Releases' started by BoerenkoolMetWorst, Aug 3, 2010.

Thread Status:
Not open for further replies.
  1. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    I just read this article about most AV software ignoring and not using these 2 built in security features from Windows. I was wondering if Prevx uses these features and what their point of view is for using these for augmenting a security program's self-defense.
     
  2. mHazweiO

    mHazweiO Registered Member

    Joined:
    Jan 31, 2010
    Posts:
    21
    Location:
    Bavaria, Germany
    Yes, PrevX uses these features as you can see easily from the attached screenshot from a Sysinternals Process Explorer window (same tool that the author of mentioned article used). If you want to try it yourself i. e. for checking other software please make sure that you run Process Explorer with Adminstrator privileges otherwise the result might be incorrect. I found this hint in an article on www.heise.de (hompage of publisher of german PC magazine C't)

    PrevX DEP.jpg

    The screenshot is form a machine running Win 7 x64, but I guess that the protection for PrevX is enabled in all windows versions starting with Win XP because older versions neither offer DEP nor ASLR as was mentioned in the article you linked to.

    Best regards,

    mHazweiO
     
    Last edited: Aug 3, 2010
  3. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    You'd need to check all the DLL files to make it a valid test, not just the executable. (Yes some software developers so far have only secured their executables.)
     
  4. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Prevx does not use any external DLLs (outside of the OS DLLs, of course) within its main operation so you'll be completely safe by default :)
     
  5. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    Good to hear!
     
  6. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    thanks for your replies :)
     
Thread Status:
Not open for further replies.