Windscribe-Desktop-App

GitHub/Windscribe-Desktop-App

Fork 0

mirror of https://github.com/Windscribe/Desktop-App.git synced 2026-05-07 20:12:44 +00:00

Files

T

History

Jonathan Martin 9168f5d309 v2.22.4

2026-04-14 10:21:39 -07:00

CMakeLists.txt

v2.22.4

2026-04-14 10:21:39 -07:00

dllmain.cpp

v2.14.4

2025-02-10 14:00:53 -08:00

README.md

v2.14.3

2025-01-27 15:30:32 -08:00

version.rc.in

v2.22.4

2026-04-14 10:21:39 -07:00

wssecure_globals.h

v2.14.4

2025-02-10 14:00:53 -08:00

wssecure.cpp

v2.14.3

2025-01-27 15:30:32 -08:00

wssecure.h

v2.14.3

2025-01-27 15:30:32 -08:00

README.md

wssecure is a library used on Windows to mitigate against code-injection attacks.

It utilizes Microsoft's SetProcessMitigationPolicy API to block loading of any DLL not signed by Microsoft, and blocks the process from generating dynamic code or modify existing executable code.

The library is implicitly linked with the client app, ensuring the DLL is loaded and its DLL_PROCESS_ATTACH section run before WinMain() executes.

This blocks the attack where a local attacker:

Starts the client app process suspended.
Creates a remote thread in the process with high priority which runs code to load a malicious DLL into the process.
Resumes the process.
The high priority thread will run before WinMain(), and before any globally static objects are created.

This library does NOT prevent an attack where:

The local attacker modifies the executable's library loader table, causing the Windows loader to load their malicious DLL before this mitigation DLL is loaded.