Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
EMET thwarts injection #1546
From bruen...@google.com on September 27, 2014 22:47:46
Trying to run powerpnt.exe from Office 2010 under DR on one of my machines recently resulted in powerpnt launching natively, whether I tried drrun, from-parent injection, or AppInit. This is a 64-bit app, so not wow64 layer.
Disabling all the checkboxes for EMET for powerpnt.exe and it then runs fine under DR.
Original issue: http://code.google.com/p/dynamorio/issues/detail?id=1546