Re: Silver Bullet
Heap overrun exploits.
You've mentioned this a couple of times; I still don't see the relevance.
To overwrite the PC, you still need to get some data into an area that will be loaded into PC - and that's the return address on the stack. If you should manage to exploit a heap overflow to manipulate the return address on the stack, that address will not match the shadow stack when the RET is executed - so the task will be stopped before it gets to your code. And if you attempt to use that exploit to manipulate the shadow stack, that will generate its own exception, killing the exploit.
Now there might well be issue as yet unrealised in this proposal - but a simple heap exploit wouldn't appear to be it.
Vic.