Bitdefender Hypervisor Memory Introspection
Data Fields
_WIN_MITIGATION_FLAGS Union Reference

Mitigation flags. More...

#include <wddefs.h>

Data Fields

struct {
   DWORD   ControlFlowGuardEnabled: 1
 
   DWORD   ControlFlowGuardExportSuppressionEnabled: 1
 
   DWORD   ControlFlowGuardStrict: 1
 
   DWORD   DisallowStrippedImages: 1
 
   DWORD   ForceRelocateImages: 1
 
   DWORD   HighEntropyASLREnabled: 1
 
   DWORD   StackRandomizationDisabled: 1
 
   DWORD   ExtensionPointDisable: 1
 
   DWORD   DisableDynamicCode: 1
 
   DWORD   DisableDynamicCodeAllowOptOut: 1
 
   DWORD   DisableDynamicCodeAllowRemoteDowngrade: 1
 
   DWORD   AuditDisableDynamicCode: 1
 
   DWORD   DisallowWin32kSystemCalls: 1
 
   DWORD   AuditDisallowWin32kSystemCalls: 1
 
   DWORD   EnableFilteredWin32kAPIs: 1
 
   DWORD   AuditFilteredWin32kAPIs: 1
 
   DWORD   DisableNonSystemFonts: 1
 
   DWORD   AuditNonSystemFontLoading: 1
 
   DWORD   PreferSystem32Images: 1
 
   DWORD   ProhibitRemoteImageMap: 1
 
   DWORD   AuditProhibitRemoteImageMap: 1
 
   DWORD   ProhibitLowILImageMap: 1
 
   DWORD   AuditProhibitLowILImageMap: 1
 
   DWORD   SignatureMitigationOptIn: 1
 
   DWORD   AuditBlockNonMicrosoftBinaries: 1
 
   DWORD   AuditBlockNonMicrosoftBinariesAllowStore: 1
 
   DWORD   LoaderIntegrityContinuityEnabled: 1
 
   DWORD   AuditLoaderIntegrityContinuity: 1
 
   DWORD   EnableModuleTamperingProtection: 1
 
   DWORD   EnableModuleTamperingProtectionNoInherit: 1
 
Values
 
DWORD Flags
 

Detailed Description

Mitigation flags.

Available on Windows >= RS3 (16299). These are the possible values for the MitigationFlagsValues field from _EPROCESS

Definition at line 1715 of file wddefs.h.

Field Documentation

◆ AuditBlockNonMicrosoftBinaries

DWORD _WIN_MITIGATION_FLAGS::AuditBlockNonMicrosoftBinaries

Definition at line 1743 of file wddefs.h.

◆ AuditBlockNonMicrosoftBinariesAllowStore

DWORD _WIN_MITIGATION_FLAGS::AuditBlockNonMicrosoftBinariesAllowStore

Definition at line 1744 of file wddefs.h.

◆ AuditDisableDynamicCode

DWORD _WIN_MITIGATION_FLAGS::AuditDisableDynamicCode

Definition at line 1730 of file wddefs.h.

◆ AuditDisallowWin32kSystemCalls

DWORD _WIN_MITIGATION_FLAGS::AuditDisallowWin32kSystemCalls

Definition at line 1732 of file wddefs.h.

◆ AuditFilteredWin32kAPIs

DWORD _WIN_MITIGATION_FLAGS::AuditFilteredWin32kAPIs

Definition at line 1734 of file wddefs.h.

◆ AuditLoaderIntegrityContinuity

DWORD _WIN_MITIGATION_FLAGS::AuditLoaderIntegrityContinuity

Definition at line 1746 of file wddefs.h.

◆ AuditNonSystemFontLoading

DWORD _WIN_MITIGATION_FLAGS::AuditNonSystemFontLoading

Definition at line 1736 of file wddefs.h.

◆ AuditProhibitLowILImageMap

DWORD _WIN_MITIGATION_FLAGS::AuditProhibitLowILImageMap

Definition at line 1741 of file wddefs.h.

◆ AuditProhibitRemoteImageMap

DWORD _WIN_MITIGATION_FLAGS::AuditProhibitRemoteImageMap

Definition at line 1739 of file wddefs.h.

◆ ControlFlowGuardEnabled

DWORD _WIN_MITIGATION_FLAGS::ControlFlowGuardEnabled

Definition at line 1719 of file wddefs.h.

◆ ControlFlowGuardExportSuppressionEnabled

DWORD _WIN_MITIGATION_FLAGS::ControlFlowGuardExportSuppressionEnabled

Definition at line 1720 of file wddefs.h.

◆ ControlFlowGuardStrict

DWORD _WIN_MITIGATION_FLAGS::ControlFlowGuardStrict

Definition at line 1721 of file wddefs.h.

◆ DisableDynamicCode

DWORD _WIN_MITIGATION_FLAGS::DisableDynamicCode

Definition at line 1727 of file wddefs.h.

◆ DisableDynamicCodeAllowOptOut

DWORD _WIN_MITIGATION_FLAGS::DisableDynamicCodeAllowOptOut

Definition at line 1728 of file wddefs.h.

◆ DisableDynamicCodeAllowRemoteDowngrade

DWORD _WIN_MITIGATION_FLAGS::DisableDynamicCodeAllowRemoteDowngrade

Definition at line 1729 of file wddefs.h.

◆ DisableNonSystemFonts

DWORD _WIN_MITIGATION_FLAGS::DisableNonSystemFonts

Definition at line 1735 of file wddefs.h.

◆ DisallowStrippedImages

DWORD _WIN_MITIGATION_FLAGS::DisallowStrippedImages

Definition at line 1722 of file wddefs.h.

◆ DisallowWin32kSystemCalls

DWORD _WIN_MITIGATION_FLAGS::DisallowWin32kSystemCalls

Definition at line 1731 of file wddefs.h.

◆ EnableFilteredWin32kAPIs

DWORD _WIN_MITIGATION_FLAGS::EnableFilteredWin32kAPIs

Definition at line 1733 of file wddefs.h.

◆ EnableModuleTamperingProtection

DWORD _WIN_MITIGATION_FLAGS::EnableModuleTamperingProtection

Definition at line 1747 of file wddefs.h.

◆ EnableModuleTamperingProtectionNoInherit

DWORD _WIN_MITIGATION_FLAGS::EnableModuleTamperingProtectionNoInherit

Definition at line 1748 of file wddefs.h.

◆ ExtensionPointDisable

DWORD _WIN_MITIGATION_FLAGS::ExtensionPointDisable

Definition at line 1726 of file wddefs.h.

◆ Flags

DWORD _WIN_MITIGATION_FLAGS::Flags

Definition at line 1751 of file wddefs.h.

Referenced by IntWinProcDumpEgFlags().

◆ ForceRelocateImages

DWORD _WIN_MITIGATION_FLAGS::ForceRelocateImages

Definition at line 1723 of file wddefs.h.

◆ HighEntropyASLREnabled

DWORD _WIN_MITIGATION_FLAGS::HighEntropyASLREnabled

Definition at line 1724 of file wddefs.h.

◆ LoaderIntegrityContinuityEnabled

DWORD _WIN_MITIGATION_FLAGS::LoaderIntegrityContinuityEnabled

Definition at line 1745 of file wddefs.h.

◆ PreferSystem32Images

DWORD _WIN_MITIGATION_FLAGS::PreferSystem32Images

Definition at line 1737 of file wddefs.h.

◆ ProhibitLowILImageMap

DWORD _WIN_MITIGATION_FLAGS::ProhibitLowILImageMap

Definition at line 1740 of file wddefs.h.

◆ ProhibitRemoteImageMap

DWORD _WIN_MITIGATION_FLAGS::ProhibitRemoteImageMap

Definition at line 1738 of file wddefs.h.

◆ SignatureMitigationOptIn

DWORD _WIN_MITIGATION_FLAGS::SignatureMitigationOptIn

Definition at line 1742 of file wddefs.h.

◆ StackRandomizationDisabled

DWORD _WIN_MITIGATION_FLAGS::StackRandomizationDisabled

Definition at line 1725 of file wddefs.h.

◆ Values

struct { ... } _WIN_MITIGATION_FLAGS::Values
The documentation for this union was generated from the following file: