BinSkim skips the BA2008 if the PE optional header doesn't set `MajorLinkerVersion` to 14 or higher. See https://github.com/microsoft/binskim/blob/7946d7c5df1961141d8e88d4fbbdd3dfc01f921a/src/BinSkim.Rules/PERules/BA2008.EnableControlFlowGuard.cs#L56. The Go linker sets it to 3 (invented number, probably), see https://github.com/golang/go/blob/f26a12368c365e59d77b24f5db3801fd50821e42/src/cmd/link/internal/ld/pe.go#L1094. so the rule is skipped. Still pondering options to fix this, created https://github.com/microsoft/binskim/issues/1176 for now.
BinSkim skips the BA2008 if the PE optional header doesn't set
MajorLinkerVersionto 14 or higher. See https://github.com/microsoft/binskim/blob/7946d7c5df1961141d8e88d4fbbdd3dfc01f921a/src/BinSkim.Rules/PERules/BA2008.EnableControlFlowGuard.cs#L56.The Go linker sets it to 3 (invented number, probably), see https://github.com/golang/go/blob/f26a12368c365e59d77b24f5db3801fd50821e42/src/cmd/link/internal/ld/pe.go#L1094. so the rule is skipped.
Still pondering options to fix this, created microsoft/binskim#1176 for now.