diff --git a/NanaZip.Shared/Mitigations.cpp b/NanaZip.Shared/Mitigations.cpp index c72b10de9..cd0992259 100644 --- a/NanaZip.Shared/Mitigations.cpp +++ b/NanaZip.Shared/Mitigations.cpp @@ -53,49 +53,19 @@ namespace dwLength); } - static BOOL SetThreadInformationWrapper( - _In_ HANDLE hThread, - _In_ THREAD_INFORMATION_CLASS ThreadInformationClass, - _In_ LPVOID ThreadInformation, - _In_ DWORD ThreadInformationSize) - { - static FARPROC CachedProcAddress = ([]() -> FARPROC - { - HMODULE ModuleHandle = ::GetKernel32ModuleHandle(); - if (ModuleHandle) - { - return ::GetProcAddress( - ModuleHandle, - "SetThreadInformation"); - } - return nullptr; - }()); - - if (!CachedProcAddress) - { - return FALSE; - } - - using ProcType = decltype(::SetThreadInformation)*; - - return reinterpret_cast(CachedProcAddress)( - hThread, - ThreadInformationClass, - ThreadInformation, - ThreadInformationSize); - } - static bool IsWindows8OrLater() { static bool CachedResult = ::MileIsWindowsVersionAtLeast(6, 2, 0); return CachedResult; } +#ifdef NDEBUG static bool IsWindows8Point1OrLater() { static bool CachedResult = ::MileIsWindowsVersionAtLeast(6, 3, 0); return CachedResult; } +#endif static bool IsWindows10OrLater() { @@ -135,7 +105,6 @@ EXTERN_C BOOL WINAPI NanaZipEnableMitigations() { PROCESS_MITIGATION_DYNAMIC_CODE_POLICY Policy = { 0 }; Policy.ProhibitDynamicCode = 1; - Policy.AllowThreadOptOut = 1; if (!::SetProcessMitigationPolicyWrapper( ProcessDynamicCodePolicy, &Policy, @@ -163,21 +132,6 @@ EXTERN_C BOOL WINAPI NanaZipEnableMitigations() return TRUE; } -EXTERN_C BOOL WINAPI NanaZipThreadDynamicCodeAllow() -{ - if (!::IsWindows8Point1OrLater()) - { - return TRUE; - } - - DWORD ThreadPolicy = THREAD_DYNAMIC_CODE_ALLOW; - return ::SetThreadInformationWrapper( - ::GetCurrentThread(), - ThreadDynamicCodePolicy, - &ThreadPolicy, - sizeof(DWORD)); -} - EXTERN_C BOOL WINAPI NanaZipDisableChildProcesses() { if (!::IsWindows10_1709OrLater()) diff --git a/NanaZip.Shared/Mitigations.h b/NanaZip.Shared/Mitigations.h index 00fbdd9c7..41444289a 100644 --- a/NanaZip.Shared/Mitigations.h +++ b/NanaZip.Shared/Mitigations.h @@ -15,7 +15,6 @@ #include EXTERN_C BOOL WINAPI NanaZipEnableMitigations(); -EXTERN_C BOOL WINAPI NanaZipThreadDynamicCodeAllow(); EXTERN_C BOOL WINAPI NanaZipDisableChildProcesses(); #endif // !NANAZIP_SHARED_MITIGATIONS diff --git a/NanaZip.UI.Classic/SevenZip/CPP/7zip/UI/FileManager/FM.cpp b/NanaZip.UI.Classic/SevenZip/CPP/7zip/UI/FileManager/FM.cpp index b351033cb..ff77afdbd 100644 --- a/NanaZip.UI.Classic/SevenZip/CPP/7zip/UI/FileManager/FM.cpp +++ b/NanaZip.UI.Classic/SevenZip/CPP/7zip/UI/FileManager/FM.cpp @@ -682,12 +682,6 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE /* hPrevInstance */, ErrorMessage("Cannot enable security mitigations"); } -#ifdef NDEBUG - // opt out of dynamic code policy on UI thread to prevent Explorer extension incompatibility - // ignore errors since they shouldn't be fatal - ::NanaZipThreadDynamicCodeAllow(); -#endif - try { try diff --git a/NanaZip.UI.Modern/SevenZip/CPP/7zip/UI/FileManager/FM.cpp b/NanaZip.UI.Modern/SevenZip/CPP/7zip/UI/FileManager/FM.cpp index b64498def..04c271239 100644 --- a/NanaZip.UI.Modern/SevenZip/CPP/7zip/UI/FileManager/FM.cpp +++ b/NanaZip.UI.Modern/SevenZip/CPP/7zip/UI/FileManager/FM.cpp @@ -688,12 +688,6 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE /* hPrevInstance */, ErrorMessage("Cannot enable security mitigations"); } -#ifdef NDEBUG - // opt out of dynamic code policy on UI thread to prevent Explorer extension incompatibility - // ignore errors since they shouldn't be fatal - ::NanaZipThreadDynamicCodeAllow(); -#endif - try { try