CIS10 CFG(Control Flow Guard) support Request and etc

※caution - I can not speak English, so I am using translator.

Please support CFG(Control Flow Guard) in CIS10.
The introduction of CFG(Control Flow Guard) is as follows.

What is Control Flow Guard?

Control Flow Guard (CFG) is a highly-optimized platform security feature that was created to combat memory corruption vulnerabilities. By placing tight restrictions on where an application can execute code from, it makes it much harder for exploits to execute arbitrary code through vulnerabilities such as buffer overflows. CFG extends previous exploit mitigation technologies such as /GS, DEP, and ASLR.


CFG(Control Flow Guard) Disabled programs
Please refer to Process Explorer (version 16.20)
If you still do not know what you mean, you can e-mail your capture picture. I tried to upload a photo, but it seems I can not upload it.

exe files
cavwp.exe, cis.exe, CisTray.exe, cmdagent.exe, csssrv64.exe, dragon_updater.exe, dragon.exe, isesrv.exe
vkise.exe, GeekBuddyRSP.exe, unit.exe, unit_manager.exe, launcher_service.exe

dll files
guard64.dll, cmdcmc.dll, cmdres.dll, cavwpps.dll, extra.cav, gunpack.cav, unarch.cav, dunpack.cav…(Too many to omit)

Control Flow Guard (Windows) - MSDN - Microsoft

/guard (Enable Control Flow Guard)

etc - Problems with files and service descriptions

No description, no company name, no version file
smart.cav, cavwpps.dll

Windows Service Description Not Displayed
※If you do not know what to say, run “services.msc” and look at your program’s service description.
At a minimum, the description should help the user understand and trust the service program.

cmdvirth.exe(COMODO Virtual Service Manager), csssrv64.exe(csssrv), GeekBuddyRSP.exe(GeekBuddyRSP Server)

I hope these changes will be fixed in the full version.

I did not check if they really support that but I will trust you on this one. There is probably a reason on why they do not support CFG at the moment. Not an expert but I think it depends on their build environment. It’s not a bad idea and they should evaluate it.


PS: Some screenshots from Process Explorer would be great.

Looks like Google and Mozilla are looking into it.
eg 584575 - chromium - An open-source project to help move the web forward. - Monorail

I uploaded a screenshot in the body as an attachment. Note please.
Thank you for the good info.