Closed Bug 1136544 Opened 7 years ago Closed 7 years ago
Firefox 36 triggers Stack
Pivot mitigation in EMET 5 .1
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.64 Safari/537.36 Steps to reproduce: Install Microsoft EMET 5.1. Add monitoring of firefox.exe, and enable StackPivot Mitigation. Run Firefox. Actual results: Firefox triggers StackPivot mitigation in EMET, causing EMET to terminate Firefox. Expected results: Firefox should launch successfully.
Same bug: Windows 7 Ultimate, EMET 5.1, Firefox 36 without any plugins or addons. Within a few seconds of starting Firefox, EMET terminates Firefox due to StackPivot mitigation.
Can confirm. Just updated from 35. FF starts up and several seconds later is closed. EMET displays a StackPivot notice. Mozilla Crash reporter is shown too. StackPivot is described as: "...checks if the stack pointer is changed to point to attacker-controlled memory areas, common technique in Return Oriented Programming (ROP) attacks." OS: Win7 pro x64 EMET: 5.1 EMET link: http://www.microsoft.com/en-gb/download/details.aspx?id=43714
Status: UNCONFIRMED → NEW
QA Whiteboard: [bugday-20150302]
Ever confirmed: true
I think bug 1137050 was a duplicate: https://bugzilla.mozilla.org/show_bug.cgi?id=1137050. It seems to be resolved in 36.0.1 now.
(In reply to danwakefield from comment #3) > I think bug 1137050 was a duplicate: > https://bugzilla.mozilla.org/show_bug.cgi?id=1137050. It seems to be > resolved in 36.0.1 now. Jeremy, do you agree?
I agree. 36.0.1 seems to work just fine with StackPivot mitigation enabled.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.