Windows Defender

What is Control Flow Guard in Windows 10 - How to turn it On or Off

What is Control Flow Guard in Windows 10 - How to turn it On or Off

Windows 10 built-in security feature - Control Flow Guard (CFG) is designed to combat memory corruption vulnerabilities. Control Flow Guard helps prevent memory corruption, which is very helpful to prevent ransomware attacks. The capabilities of the server are restricted to whatever is needed at that point of time to reduce the attack surface. Exploit Protection is a part of the Exploit Guard feature in Windows Defender. CFG is a part of this feature.

Control Flow Guard in Windows 10

Let's delve a bit deeper into the Control Flow Guard feature in Windows 10 and answer a few questions like:

  1. What is Control Flow Guard and how does it work?
  2. How does Control Flow Guard affect browser performance?
  3. How to disable Control Flow Guard?

1] What is Control Flow Guard and how does it work

Control Flow Guard is a feature that makes it harder for exploits to execute arbitrary code through vulnerabilities such as buffer overflows. As we know, software vulnerabilities are often exploited by providing unlikely, unusual, or extreme data to a running program. For example, an attacker can exploit a buffer overflow vulnerability by providing more input to a program than expected, thereby over-running the area reserved by the program to hold a response. This scheme possibly corrupts adjacent memory that may hold a function pointer. When the program calls through this function, it may then jump to an unintended location specified by the attacker.

To avoid such instances, a potent combination of compile and run-time support from Control Flow Guard implements a control flow integrity that tightly restricts spots where indirect call instructions can be executed. It also identifies the set of functions in the application that could be the potential targets for indirect calls. As such, Control Flow Guard inserts extra security checks that could detect attempts to hijack the original code.

When a CFG check fails at runtime, Windows immediately terminates the program, thus breaking any exploit that attempts to indirectly call an invalid address.

2] How does Control Flow Guard affect browser performance

The feature is reported to be causing performance issues for Chromium-based browsers. All major browsers like Google Chrome, Microsoft Edge browser, Vivaldi and scores of others seem to have been affected by it. The issue came to light when developers at Vivaldi run Chromium unit tests on Windows 7 and found them running faster than on the most recent version of Windows 10.

The Windows Kernel Team manager acknowledged the issue and said they built a fix which will be shipped in a couple of weeks.

3] How to disable Control Flow Guard in Windows 10

If you wish to disable this feature, follow this procedure.

Click on Start and search for Windows Security.

Choose Windows Security from the left pane of 'Update and Security' section of Windows Defender Settings.

Select 'App & browser Control' and scroll down to locate 'Exploit Protection Settings'. Select it and choose 'Control Flow Guard'.

Hit the drop-down arrow and select 'Off by default' option.

I hope this helps.

How to change Left & Right mouse buttons on Windows 10 PC
It's quite a norm that all computer mouse devices are ergonomically designed for right-handed users. But there are mouse devices available which are s...
Emulate Mouse clicks by hovering using Clickless Mouse in Windows 10
Using a mouse or keyboard in the wrong posture of excessive usage can result in a lot of health issues, including strain, carpal tunnel syndrome, and ...
Add Mouse gestures to Windows 10 using these free tools
In recent years computers and operating systems have greatly evolved. There was a time when users had to use commands to navigate through file manager...