Hard_Configurator - Windows Hardening Configurator
<blockquote data-quote="509322" data-source="post: 731313"><p>[USER=37647]@shmu26[/USER] - the issue of 32 bit processes as a high security risk on 64 bit OSes is a complex one - and entirely Microsoft's fault. One of the primary reasons is Microsoft's obsessive avoidance of breaking "legacy" technology. The topic is touched upon here: I honestly do not know much about Windows 10 1709 Exploit Guard so ask [USER=32260]@Andy Ful[/USER]. I wouldn't be surprised if it hasn't changed because fundamentally EMET and Exploit Guard are the same.</p><p></p><p><a href="https://threatpost.com/latest-emet-bypass-targets-wow64-windows-subsystem/115224/" target="_blank">Latest EMET Bypass Targets WoW64 Windows Subsystem</a>.</p><p></p><p>However the issue you bring up is a much, much bigger picture one and extends well beyond Microsoft's anti-exploit features. Malc0ders can play all kinds of games with 32 bit processes on 64 bit Windows and accomplish dastardly things. So your very best protection is not to use 32 bit processes on 64 bit Windows as much as you possibly can manage - in the same vein that it is in your best interests not to use widely popular programs that are widely distributed, popular and commonly targeted by malc0ders (e.g. Microsoft Office). <span style="color: rgb(41, 105, 176)"><strong>The bottom line is that you cannot count upon any security solution to protect you in these situations in absolute terms (not as long as highly imperfect AI, humans and code are involved). If very high protection without hassle is what you are searching for then you are pursuing a futile enterprise. Give that pursuit up... go spend more time with your children... doing so will yield much greater dividends for them, and for you. Anybody that is truly ethical and honest will not say anything other than what I have said. I don't promote some fantasy "Auto-Magical." That's the death-bed, black hole reality of it. 
I am giving you the perspective of one who has seen stuff you people wouldn't believe - even when people thought they had multi- N-layer "impenetrable" fortresses - even using "Auto-Magical." I know this is the last thing you want to hear, but there it is.</strong></span></p><p></p><p><span style="color: rgb(41, 105, 176)"><strong>Just find what you really like - what works for you personally - and stick with it. Nothing is going to be bug free. Nothing is going to be without some kind of hassle. </strong></span><strong><span style="color: rgb(184, 49, 47)">You have to pick the lesser of all evils. This is how it works. I cannot stress that it is the best objective in all of security soft\geek "La-La Land." In my particular case, AppGuard, for me, has been the least of all evils and is the reason I work for AppGuard LLC. To some it might seem an odd way of describing my employer's product but within the context of this particular discussion it is the most apt way to describe it; it most certainly is not a derogatory statement. And those who have more than a walnut sized brain sitting on their shoulders should be able to understand the statement within the context of this post. However, there is always some malicious dolt that might come along and extract that statement and </span></strong><span style="color: #b8312f"><strong>re-purpose</strong></span><strong><span style="color: rgb(184, 49, 47)"> it out of context to their own ends.</span></strong></p><p></p><p>There are multiple, known ways that 32 bit processes can bypass 64 bit protections. Research it. There's all kinds of stuff online that discusses corner cases.</p><p></p><p>You are beat if you think you are completely safe with 32 bit processes running on 64 bit Windows 10, despite all the newly introduced Windows Defender Security Center stuff. Better use @Andy Ful's Hard_Configurator default deny or something equivalent - whatever works best for you - whatever you like best.</p></blockquote><p></p>