Buzz
Exploit Protection is part of the Exploit Guard feature in Windows Defender. Control Flow Guard (CFG) is a component of this feature. Refer to Mytour's article below to learn more about Control Flow Guard on Windows 10 and how to manage its settings.
Exploring Control Flow Guard on Windows 10: Activation and Deactivation
1. What is Control Flow Guard on Windows 10? How does it operate?
Control Flow Guard is a feature that complicates arbitrary code execution exploitation through vulnerabilities such as buffer overflows. As we all know, software vulnerabilities are often exploited by providing abnormal data, ... to a running program.
For instance, attackers can exploit buffer overflow vulnerabilities by supplying multiple inputs to a program, causing the program to maintain separate memory regions for overflow responses. This process could corrupt adjacent memory holding function pointers. When the program calls through this function, it may jump to an unintended location specified by the attacker.
To prevent such scenarios, a robust combination of compiler and runtime support in Control Flow Guard enforces the integrity of control flow to limit points where indirect call instructions can execute. Therefore, Control Flow Guard inserts additional security checks to detect attempts to hijack the original code.
When CFG verification fails at runtime, Windows will immediately terminate and close the program, disrupting any exploits attempting to indirectly call an invalid address.
2. How does Control Flow Guard affect web browsing performance?
Notably, the CFG feature has been reported to cause performance issues on Chromium-based browsers. All major web browsers such as Google Chrome, Edge, Vivaldi, and some others are affected.
The Windows Kernel Team management also acknowledges this issue and stated they will soon release a fix in the future.
How to Disable Control Flow Guard on Windows 10
Suppose for whatever reason you wish to turn off, disable the Control Flow Guard feature on Windows 10. Follow the steps below:
First, type Windows Security into the Search box on the Start Menu.
In the Windows Defender Settings window, under the Update and Security section, select Windows Security from the left panel.
Choose App & browser Control, then scroll down to find the Exploit Protection Settings section. Here, locate and select Control Flow Guard.
From the menu, select the Off by default option to disable the CFG feature.
This article by Mytour has just provided you with answers to the questions about Control Flow Guard on Windows 10: What is it? How to enable or disable it? Furthermore, if you have any inquiries or questions like what Windows Hardware Quality Labs or WHQL stands for, feel free to leave your comments below the article.
