Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Windows 10 Exploit Protection system-level mitigation, Randomize memory allocations (Bottom-Up ASLR), must be on.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-77095 | WN10-EP-000030 | SV-91791r1_rule | Medium |
| Description |
|---|
| Exploit protection in Windows 10 enables mitigations against potential threats at the system and application level. Several mitigations, including "Randomize memory allocations (Bottom-Up ASLR)", are enabled by default at the system level. Bottom-Up ASLR (address space layout randomization) randomizes locations for virtual memory allocations, including those for system structures. If this is turned off, Windows 10 may be subject to various exploits. |
| STIG | Date |
|---|---|
| Windows 10 Security Technical Implementation Guide | 2017-12-01 |
Details
| Check Text ( C-76705r2_chk ) |
|---|
| This is NA prior to v1709 of Windows 10. Run "Windows PowerShell" with elevated privileges (run as administrator). Enter "Get-ProcessMitigation -System". If the status of "ASLR: BottomUp" is "OFF", this is a finding. Values that would not be a finding include: ON NOTSET |
| Fix Text (F-83793r2_fix) |
|---|
| Ensure Exploit Protection system-level mitigation, "Randomize memory allocations (Bottom-Up ASLR)" is turned on. Open "Windows Defender Security Center". Select "App & browser control". Select "Exploit protection settings". Under "System settings", configure "Randomize memory allocations (Bottom-Up ASLR)" to "On by default" or "Use default ( |