Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In

Categories

client binaries appear to be missing security mitigations

ForeverFunForeverFun Posts: 1,084
edited January 2024 in Bugs
At least for EC (UOSA.EXE), and possibly CC as well.

Missing security mitigations such as DYNAMICBASE.

Should probably also set LARGEADDRESSAWARE, at least until native x64 binary[s'] are built?

Expected result: binaries should have all current security mitigations enabled.

p.s. is broadsword OK with instructions being posted on how to remedy some aspects of this?

Comments

  • MariahMariah Posts: 3,704Moderator
    I think it would be safer to convey that information in an email - uo@broadsword.com should be the appropriate address.
  • ForeverFunForeverFun Posts: 1,084
    Mariah said:
    I think it would be safer to convey that information in an email - uo@ broadsword.com should be the appropriate address.

    I've never received any reply for bug reports sent to that email address (nor fixes in publishes).  Problem with my email, or on the broadsword side?

    I can be reached here via direct/private message.
  • ForeverFunForeverFun Posts: 1,084
    edited January 25

    What came of this?  It doesn't seem to have been changed.

    I see no reply on this forum, no emails, an no direct messages for followup.

    It's intriguing for the above reasons, especially when coupled with the recent mention the forums are going to be shuttered for security reasons.  

    Perhaps some brainstorming of other options is in order.

    p.s. A friend showed me the bug reporting area in the UO discord.  It doesn't seem like the contents of this forum have been ported over.  There was also no broadsword QA/customer service reply on an issue mentioned on the UO discord regarding the ability to move a jewelry box (when it has been filled), which was also posted here.  

    Is the way customer reported issues are handled going to evolve in (this) new year? 
  • GrimbeardGrimbeard Posts: 3,425
    ForeverFun said:

    What came of this?  It doesn't seem to have been changed.

    I see no reply on this forum, no emails, an no direct messages for followup.

    It's intriguing for the above reasons, especially when coupled with the recent mention the forums are going to be shuttered for security reasons.  

    Perhaps some brainstorming of other options is in order.

    p.s. A friend showed me the bug reporting area in the UO discord.  It doesn't seem like the contents of this forum have been ported over.  There was also no broadsword QA/customer service reply on an issue mentioned on the UO discord regarding the ability to move a jewelry box (when it has been filled), which was also posted here.  

    Is the way customer reported issues are handled going to evolve in (this) new year? 
    This would be a great 5 on Friday question for the discord 
Sign In or Register to comment.