public inbox for cygwin@cygwin.com
 help / color / mirror / Atom feed
From: Brian Inglis <Brian.Inglis@SystematicSw.ab.ca>
To: cygwin@cygwin.com
Subject: Re: How can I determine why gdb throws unknown exceptions when debugging programs with threads on my Cygwin installation?
Date: Sat, 26 Oct 2019 03:20:00 -0000	[thread overview]
Message-ID: <27085aa1-2a98-deca-56f1-57f106aea5fa@SystematicSw.ab.ca> (raw)
In-Reply-To: <84846bf94ea446ca9e2cab4935c6eebb@OEM26.oemsurplus.local>

On 2019-10-25 20:34, Jay P. Elston wrote:
> On October 25, 2019 6:48 AM, Michael Soegtrop wrote:
>> It has been reported in the past that antivirus software from Trend Micro
>> result in STATUS_GUARD_PAGE_VIOLATION in ntdll!RtlAllocateHeap ().
>> See:
>> http://cygwin.1069669.n5.nabble.com/XWin-startup-crash-x86-64-Windows-10-td126544.html#a126561

> On the advice of Jon Turney, I ran a "bt f" command after gdb caught the 
> exception, and it appears that a Trend Micro dll  (TmUmEvt64.dll) is where
> the error occurs:> This is not a Cygwin problem -- the solution is to be to add the Cygwin bin
> directory to Trend Micro's exception list. I will give this a try after I get
> our IT department to do this.
Trend Micro AV product was exploitable last week, from coordinated public
disclosure of a vulnerability on Oct 19, not patched until Oct 25: they were
notified Sep 9, and confirmed the issue Sep 25. Update immediately!
he Trend Micro AV product does not seem to perform as well, or rate as highly,
as the default, free MS Windows Defender, and other better AV packages.
Some of their vulnerabilities seem head-slappingly obviously *BAD*, like the
latest, allowing any malware called cmd.exe or regedit.exe to be downloaded from
anywhere and run without any checks!

-- 
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

  reply	other threads:[~2019-10-26  3:20 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-10-23 17:25 Jay P. Elston
2019-10-25 13:32 ` Jon Turney
2019-10-25 13:49   ` Soegtrop, Michael
2019-10-26  2:34     ` Jay P. Elston
2019-10-26  3:20       ` Brian Inglis [this message]
2019-10-28  8:40       ` Soegtrop, Michael

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=27085aa1-2a98-deca-56f1-57f106aea5fa@SystematicSw.ab.ca \
    --to=brian.inglis@systematicsw.ab.ca \
    --cc=cygwin@cygwin.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).