Advice Request Yes, I will visit shady websites and open shady pdf - third party security?

Nastrahl

New Member
Apr 14, 2023
2
Pretty sure you won’t notice any difference with core isolation enabled.
Why can’t you use a sandboxed browser?
Things don’t work without compromises.

ForgottenSeer 97327

I am using PDF viewer Plus (from Microsoft Store). It runs in AppContainer, and with Microsoft Defender Exploit Protection (which also works when you use a different AV) you can further restrict this PDF viewer (the executable has another name: FlexPdfViewer.exe).

FlexPdfViewer.exe
- Block low-integrity images
- Block remote images
- Code Integrity Guard (on, but also allow loading images of Microsoft Store)
- Control Flow Guard
- Data Execution Prevention
- Disable extension points
- Do not allow child processes
- Mandatory ASLR
- Bottom-up ASLR
- (enable) SEHOP
- Validate HEAP integrity
- Validate image dependency integrity

As said, the PDF viewer Plus runs in an AppContainer integrity rights sandbox, so with the above hardening malware has to take a few extra hurdles to escape this strengthened sandbox.
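
Added example, not part of the original post: the checklist above expressed as a per-app Exploit Protection policy using the built-in `Set-ProcessMitigation` cmdlet, then read back to confirm each setting. The mapping from the settings UI labels to cmdlet flag names is this example's own; it assumes an elevated PowerShell session on Windows 10/11.

```powershell
#Requires -RunAsAdministrator
$exe = 'FlexPdfViewer.exe'   # executable name given in the post

# Exploit Protection UI label           -> Set-ProcessMitigation flag
$flags = @(
    'BlockLowLabelImageLoads'          # Block low-integrity images
    'BlockRemoteImageLoads'            # Block remote images
    'MicrosoftSignedOnly'              # Code Integrity Guard
    'AllowStoreSignedBinaries'         #   ...also allow Microsoft Store images
    'CFG'                              # Control Flow Guard
    'DEP'                              # Data Execution Prevention
    'DisableExtensionPoints'           # Disable extension points
    'DisallowChildProcessCreation'     # Do not allow child processes
    'ForceRelocateImages'              # Mandatory ASLR
    'BottomUp'                         # Bottom-up ASLR
    'SEHOP'                            # SEHOP
    'TerminateOnError'                 # Validate heap integrity
    'EnforceModuleDependencySigning'   # Validate image dependency integrity
)
Set-ProcessMitigation -Name $exe -Enable $flags

# Read the stored policy back and report any setting that is not ON.
$expected = @(
    'ImageLoad.BlockLowLabelImageLoads', 'ImageLoad.BlockRemoteImageLoads',
    'BinarySignature.MicrosoftSignedOnly', 'BinarySignature.AllowStoreSignedBinaries',
    'BinarySignature.EnforceModuleDependencySigning',
    'Cfg.Enable', 'Dep.Enable', 'ExtensionPoint.DisableExtensionPoints',
    'ChildProcess.DisallowChildProcessCreation',
    'Aslr.ForceRelocateImages', 'Aslr.BottomUp',
    'SEHOP.Enable', 'Heap.TerminateOnError'
)
$policy = Get-ProcessMitigation -Name $exe
$report = foreach ($path in $expected) {
    $section, $setting = $path.Split('.')
    [pscustomobject]@{
        Setting = $path
        State   = "$($policy.$section.$setting)"   # ON / OFF / NOTSET
    }
}
$report | Format-Table -AutoSize

$notOn = @($report | Where-Object State -ne 'ON')
if ($notOn.Count -gt 0) {
    Write-Warning ("Not enforced for {0}: {1}" -f $exe, ($notOn.Setting -join ', '))
}
```

The policy is applied when the process starts, so close and reopen the viewer after running it, and check that the app still opens documents, since Code Integrity Guard and the child-process block can break an application that loads unsigned modules or spawns helpers.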