Structured Exception Handling Overwrite Protection (SEHOP) is not enabled
Description
Structured Exception Handling overwrite technique can be exploited by an attacker through buffer overflow attacks. To prevent this, Structured Exception Handling Overwrite Protection (SEHOP) must be enabled.
Severity
Critical
Category
OS Security Hardening
Resolution
Follow the below steps to resolve the misconfiguration.
Configure the following registry value:
Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: SYSTEMCurrentControlSetControlSession Managerkernel
Value Name: DisableExceptionChainValidation
Value Type: REG_DWORD
Value: 0
Does remediation require reboot?
No
Vulnerability Manager Plus tracks security configurations and remediate misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.