Abstract: Chakra vulnerability, Bypass ASLR & DEP, Bypass CFG, Bypass CIG, Bypass ACG, Exploit, Q&A.

Chakra vulnerability

The vulnerability was discovered on May 31, 2016. The vulnerability was fixed in February 2017. There are two general ways to load malicious native code into memory: load a malicious DLL/EXE from disk, or dynamically generate code. CIG blocks the first way: only properly signed DLLs are allowed to load into a process, and child processes cannot be created (Windows 10 1607). ACG blocks the second way: code pages are immutable, so new, unsigned code cannot be created.
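The two mitigations named above map directly onto per-process policies that an administrator can inspect and turn on. The following PowerShell is an added example, not part of the original summary or of any Microsoft material: it assumes a Windows 10 build that ships the Get-ProcessMitigation / Set-ProcessMitigation cmdlets (1709 and later), and the target image name "target.exe" is a placeholder to replace with the process you want to harden.

```powershell
# Added example (not from the original page): audit and enable the mitigations
# the summary describes. Requires an elevated PowerShell on Windows 10 1709+.
# "target.exe" is a placeholder image name.
$ImageName = "target.exe"

# 1. Show the mitigation state currently applied to the image.
#    DynamicCode      = ACG (no new executable pages, existing ones immutable)
#    MicrosoftSignedOnly = CIG (only properly signed images may load)
#    DisallowChildProcessCreation = no child processes from this image
Write-Host "Current mitigation policy for $ImageName:"
Get-ProcessMitigation -Name $ImageName | Format-List

# 2. Apply the policies that close the two code-loading paths from the text.
#    - CIG blocks loading unsigned DLL/EXE images from disk.
#    - ACG blocks dynamically generating code in memory.
#    - Blocking child processes prevents escaping the policy via a new process.
Set-ProcessMitigation -Name $ImageName `
    -Enable DynamicCode, MicrosoftSignedOnly, DisallowChildProcessCreation

# 3. Re-read the policy so the change is verified, not assumed.
Write-Host "Mitigation policy after the change:"
Get-ProcessMitigation -Name $ImageName | Format-List
```

Run the script from an elevated prompt; the Set-ProcessMitigation call writes an image-file execution option, so it applies to every future launch of the named image rather than only to processes already running. For a web renderer that legitimately JIT-compiles, enabling DynamicCode will break the JIT unless the program opts into the out-of-process JIT model, so test the policy on a staging machine before rolling it out.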