Windows 10 内置安全功能 –控制流防护 (CFG)^{(Control Flow Guard (CFG))}旨在对抗内存损坏漏洞。Control Flow Guard有助于防止内存损坏，这对于防止勒索软件攻击非常有帮助。服务器的功能被限制在那个时间点所需的任何东西上，以减少攻击面。Exploit Protection是Windows Defender中^{(Windows Defender)}Exploit Guard功能的一部分。CFG是此功能的一部分。

Windows 10 中的控制流保护

让我们更深入地研究Windows 10中的^{(Windows 10)}控制流防护^{(Control Flow Guard)}功能并回答一些问题，例如：

1. 什么是Control Flow Guard，它是如何工作的？
2. Control Flow Guard^{(Flow Guard)}如何影响浏览器性能？
3. 如何禁用控制流保护？

1] 什么是控制流防护^{(Control Flow Guard)}以及它是如何工作的

Control Flow Guard是一项功能，它使漏洞利用程序更难通过缓冲区溢出等漏洞执行任意代码。众所周知，软件漏洞通常通过向正在运行的程序提供不太可能、不寻常或极端的数据来加以利用。例如，攻击者可以通过向程序提供比预期更多的输入来利用缓冲区溢出漏洞，从而超出程序为保存响应而保留的区域。这种方案可能会破坏可能保存函数指针的相邻内存。当程序通过该函数调用时，它可能会跳转到攻击者指定的非预期位置。

为了避免这种情况，来自控制流保护^{(Control Flow Guard)}的编译和运行时支持的有效组合实现了控制流完整性，严格限制了可以执行间接调用指令的位置。它还标识了应用程序中可能成为间接调用的潜在目标的一组函数。因此，Control Flow Guard插入了额外的安全检查，可以检测到劫持原始代码的尝试。

当CFG检查在运行时失败时，Windows会立即终止程序，从而破坏任何试图间接调用无效地址的漏洞。

2] Control Flow Guard如何^(How)影响浏览器性能

据报道，该功能会导致基于Chromium的浏览器出现性能问题。Google Chrome、Microsoft Edge浏览器、Vivaldi等所有主流浏览器似乎都受到了它的影响。当Vivaldi的开发人员在^(Vivaldi)Windows 7上运行Chromium单元测试并发现它们比在最新版本的Windows 10上运行得更快时，这个问题就暴露出来了。

Windows 内核团队^{(Windows Kernel Team)}经理承认了这个问题，并表示他们构建了一个修复程序，将在几周内发布。

3]如何^(How)在Windows 10中禁用控制流保护^{(Control Flow Guard)}

如果您希望禁用此功能，请按照此步骤操作。

单击开始并搜索Windows 安全性^{(Windows Security)}。

从Windows Defender 设置的“^{(Windows Defender Settings)}更新和安全^{(Update and Security)}”部分的左侧窗格中选择Windows 安全^{(Windows Security)}。

选择“应用程序和浏览器控制^{(App & browser Control)}”并向下滚动以找到“漏洞利用保护设置^{(Exploit Protection Settings)}”。选择它并选择“控制流卫士^{(Control Flow Guard)}”。

点击下拉箭头并选择“默认关闭”选项。

我希望这有帮助。^{(I hope this helps.)}

What is Control Flow Guard in Windows 10 - How to turn it On or Off

Windows 10 built-in security feature – Control Flow Guard (CFG) is designed to combat memory corruption vulnerabilities. Control Flow Guard helps prevent memory corruption, which is very helpful to prevent ransomware attacks. The capabilities of the server are restricted to whatever is needed at that point of time to reduce the attack surface. Exploit Protection is a part of the Exploit Guard feature in Windows Defender. CFG is a part of this feature.

Control Flow Guard in Windows 10

Let’s delve a bit deeper into the Control Flow Guard feature in Windows 10 and answer a few questions like:

1. What is Control Flow Guard and how does it work?
2. How does Control Flow Guard affect browser performance?
3. How to disable Control Flow Guard?

1] What is Control Flow Guard and how does it work

Control Flow Guard is a feature that makes it harder for exploits to execute arbitrary code through vulnerabilities such as buffer overflows. As we know, software vulnerabilities are often exploited by providing unlikely, unusual, or extreme data to a running program. For example, an attacker can exploit a buffer overflow vulnerability by providing more input to a program than expected, thereby over-running the area reserved by the program to hold a response. This scheme possibly corrupts adjacent memory that may hold a function pointer. When the program calls through this function, it may then jump to an unintended location specified by the attacker.

To avoid such instances, a potent combination of compile and run-time support from Control Flow Guard implements a control flow integrity that tightly restricts spots where indirect call instructions can be executed. It also identifies the set of functions in the application that could be the potential targets for indirect calls. As such, Control Flow Guard inserts extra security checks that could detect attempts to hijack the original code.

When a CFG check fails at runtime, Windows immediately terminates the program, thus breaking any exploit that attempts to indirectly call an invalid address.

2] How does Control Flow Guard affect browser performance

The feature is reported to be causing performance issues for Chromium-based browsers. All major browsers like Google Chrome, Microsoft Edge browser, Vivaldi and scores of others seem to have been affected by it. The issue came to light when developers at Vivaldi run Chromium unit tests on Windows 7 and found them running faster than on the most recent version of Windows 10.

The Windows Kernel Team manager acknowledged the issue and said they built a fix which will be shipped in a couple of weeks.

3] How to disable Control Flow Guard in Windows 10

If you wish to disable this feature, follow this procedure.

Click on Start and search for Windows Security.

Choose Windows Security from the left pane of ‘Update and Security’ section of Windows Defender Settings.

Select ‘App & browser Control’ and scroll down to locate ‘Exploit Protection Settings’. Select it and choose ‘Control Flow Guard’.

Hit the drop-down arrow and select ‘Off by default’ option.

I hope this helps.

Related posts

• 什么是Windows 10中的App & Browser Control以及如何隐藏它

• 如何在Windows 10手动更新Windows Defender

• Windows 10中的Remove Windows Defender Notification Icon

• 如何在Windows 10的Exploit Protection中添加或排除应用程序

• 如何在Windows 10中清除Windows Defender Protection History

• 如何使用 TeamViewer：适用于 Windows 10 和 Windows 10 Mobile 的远程控制应用程序

• 如何使用 Miracast 从 Windows 10 移动版投影到电视或显示器

• 如何在Windows 10上使用PIP安装NumPy

• 在Windows 10中启用或禁用凭证Guard

• Windows 10中的Create Control Panel All Tasks Shortcut

• 如何禁用可移动存储类和Windows 10访问

• Windows 10中的Fix NVIDIA Control Panel Missing

• Control Panel在Windows 10中的Hide Items

• 如何在Windows 10上禁用Feature Updates的保障措施

• 如何阻止访问 Windows 10 设置和控制面板

• 如何为 Windows Defender 防病毒设置自己的扫描计划

• Windows 10的Best Parental Control Software

• 在Windows 10启用或打开Microsoft Defender的通知

• 什么是Windows 10中的Firewall and Network Protection以及如何隐藏此部分

• 当您拥有 Windows Defender 时，Windows 10 是否需要防病毒软件？