
Runtime Memory Patching on x86/x64 - javinpaul
http://polystream.com/polystream-tech/2017/10/9/runtime-memory-patching
======
j_s
Companies are popping up hoping to crowdsource temporary security patches:

patching a 0-day: Windows gdi32.dll memory disclosure |
[https://news.ycombinator.com/item?id=13774397](https://news.ycombinator.com/item?id=13774397)
(Mar 2017, 43 comments)

>sst8: _Live patching is gaining the momentum - see Ksplice, Kpatch, kGraft,
XEN and similar_

>dielel: _Our micropatch (7 of them, really, for 4 different Windows OS
versions) for CVE-2017-0038 is user-mode. As are currently all our
micropatches. Processes using gdi32.dll do not need to be relaunched to have
it applied._

\--

The list of hot-reloading alternatives was awesome; I sometimes wish I could
'star' a single file like that README:
[https://github.com/RuntimeCompiledCPlusPlus/RuntimeCompiledC...](https://github.com/RuntimeCompiledCPlusPlus/RuntimeCompiledCPlusPlus)

This technique of manually NOP-ing out things at runtime is definitely beyond
my usual approach of setting a breakpoint and then choosing where to continue
execution manually!

