{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T17:10:07Z","timestamp":1755882607488,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":18,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,30]],"date-time":"2024-07-30T00:00:00Z","timestamp":1722297600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7,30]]},"DOI":"10.1145\/3664476.3670432","type":"proceedings-article","created":{"date-parts":[[2024,7,25]],"date-time":"2024-07-25T12:35:50Z","timestamp":1721910950000},"page":"1-11","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Analysis of the Windows Control Flow Guard"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-2306-5695","authenticated-orcid":false,"given":"Niels","family":"Pfau","sequence":"first","affiliation":[{"name":"Institute of IT Security Research, St. P\u00f6lten University of Applied Sciences, Austria"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0898-9824","authenticated-orcid":false,"given":"Patrick","family":"Kochberger","sequence":"additional","affiliation":[{"name":"Institute of IT Security Research, St. P\u00f6lten University of Applied Sciences, Austria"}]}],"member":"320","published-online":{"date-parts":[[2024,7,30]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Google Project\u00a0Zero Ben\u00a0Hawkes. 2019. 0day \"In the Wild\". https:\/\/googleprojectzero.blogspot.com\/p\/0day.html"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.3390\/app12136702"},{"key":"e_1_3_2_1_3_1","volume-title":"Windows Internals: User Mode","author":"Catlin B.","year":"2017","unstructured":"B. Catlin, P. Yosifovich, J.E. Hanrahan, M.E. Russinovich, A. Ionescu, and D.A. Solomon. 2017. Windows Internals: User Mode. Microsoft Press. https:\/\/books.google.de\/books?id=V4kjnwEACAAJ"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/3607199.3607229"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/FITS.2003.1264935"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2021.3121994"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN53405.2022.00061"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417867"},{"key":"e_1_3_2_1_9_1","volume-title":"Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 1). https:\/\/connormcgarr.github.io\/type-confusion-part-1\/","author":"McGarr Connor","year":"2022","unstructured":"Connor McGarr. 2022. Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 1). https:\/\/connormcgarr.github.io\/type-confusion-part-1\/"},{"key":"e_1_3_2_1_10_1","volume-title":"Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 2). https:\/\/connormcgarr.github.io\/type-confusion-part-2\/","author":"McGarr Connor","year":"2022","unstructured":"Connor McGarr. 2022. Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 2). https:\/\/connormcgarr.github.io\/type-confusion-part-2\/"},{"key":"e_1_3_2_1_11_1","unstructured":"Microsoft. 2021. Dumpbin Reference. https:\/\/learn.microsoft.com\/en-us\/cpp\/build\/reference\/dumpbin-reference?view=msvc-170"},{"key":"e_1_3_2_1_12_1","unstructured":"Microsoft. 2023. Virtualization-based Security (VBS). https:\/\/learn.microsoft.com\/en-us\/windows-hardware\/design\/device-experiences\/oem-vbs"},{"key":"e_1_3_2_1_13_1","unstructured":"Winsider Seminars and Solutions Inc.2023. systeminformer. https:\/\/github.com\/winsiderss\/systeminformer"},{"key":"e_1_3_2_1_14_1","volume-title":"Exploring control flow guard in windows 10. Trend Micro","author":"Tang Jack","year":"2015","unstructured":"Jack Tang and Trend Micro Threat\u00a0Solution Team. 2015. Exploring control flow guard in windows 10. Trend Micro (2015). http:\/\/sjc1-te-ftp.trendmicro.com\/assets\/wp\/exploring-control-flow-guard-in-windows10.pdf"},{"key":"e_1_3_2_1_15_1","unstructured":"Jacob Thompson. 2020. Six Facts about Address Space Layout Randomization on Windows. Technical Report. Mandiant. https:\/\/www.mandiant.com\/resources\/blog\/six-facts-about-address-space-layout-randomization-on-windows"},{"key":"e_1_3_2_1_16_1","unstructured":"David Weston. 2019. Advancing Windows Security. (2019). https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RE37dMC"},{"key":"e_1_3_2_1_17_1","unstructured":"Zhang Yunhai. 2015. Bypass Control Flow Guard Comprehensively. https:\/\/www.blackhat.com\/docs\/us-15\/materials\/us-15-Zhang-Bypass-Control-Flow-Guard-Comprehensively-wp.pdf"},{"key":"e_1_3_2_1_18_1","unstructured":"Wenbin Zheng. 2015. Windows 10 Control Flow Guard Internals. https:\/\/powerofcommunity.net\/poc2014\/mj0011.pdf"}],"event":{"name":"ARES 2024: The 19th International Conference on Availability, Reliability and Security","acronym":"ARES 2024","location":"Vienna Austria"},"container-title":["Proceedings of the 19th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664476.3670432","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3664476.3670432","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T16:51:47Z","timestamp":1755881507000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664476.3670432"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7,30]]},"references-count":18,"alternative-id":["10.1145\/3664476.3670432","10.1145\/3664476"],"URL":"https:\/\/doi.org\/10.1145\/3664476.3670432","relation":{},"subject":[],"published":{"date-parts":[[2024,7,30]]},"assertion":[{"value":"2024-07-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}