It seems to me that it's a major security vulnerability, seeing as it can edit the memory of other processes. So, why does the Virtualallocex function exist?
Asked
Active
Viewed 217 times
0
-
"it's a major security vulnerability" - you'd think, but **it isn't** because the programs that can use it are already on the right side of the _air-tight hatchway_: https://devblogs.microsoft.com/oldnewthing/20060508-22/?p=31283 – Dai Oct 03 '21 at 02:58
-
"So, why does the `VirtualAllocEx` function exist?" - without it how could a debugger work? How could an extensibility system work? How could multi-process IPC work? If you think certain applications should be "blessed" or have permission to use that function, then that's (almost) already the case in Windows with UAC. – Dai Oct 03 '21 at 02:59
-
Does this answer your question? [For what do I need to use VirtualAlloc/VirtualAllocEx?](https://stackoverflow.com/questions/17513363/for-what-do-i-need-to-use-virtualalloc-virtualallocex) – Dai Oct 03 '21 at 03:00