Protecting Your Code with Visual C++ Defenses

Protecting Your Code with Visual C++ Defenses by Michael Howard

Executive summary:

Always compile with:
/NXCompat
/SafeSEH
/DynamicBase

In the header(PCH) always define:
#define _CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES 1

In the code call :
SetProcessDEPPolicy(PROCESS_DEP_ENABLE);

Note that some of these feature are available from Vista SP1.


© Copyright 2010 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity


Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.

Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch

Related Posts

Evernote hacked – all users have to change passwords

This is how the nightmare of having a bad press starts: Evernote’s Operations & Security team has discovered and blocked suspicious activity on the Evernote network that appears to have been a coordinated attempt to access secure areas of the Evernote Service. As a precaution to protect your data, we have decided to implement a […]

Do you actually need a security product in your car? Part 1: Prevention, Detection, Remediation

Note: This is going to be a somehow longer article which I will finish in a couple of related posts.   A security product is a program that Prevents that malware enters the system Detects if previously unknown malware is running on the system Remediates the actions of detected malware on the system Note that it […]

Are your tweets through Tweeterfeed and Ping.fm no longer published ?

Are you using Tweeterfeed and Ping.fm ? Are your tweets no longer published ? Then you didn’t read Twitter’s post here: http://dev.twitter.com/ June 30, 2010 The @twitterapi team will be shutting off basic authentication on the Twitter API. All applications, by this date, need to switch to using OAuth. Read more » So, the solution […]