...

Structured Exception Handler Overwrite Protection (SEHOP) - Prevents attackers from making use of the Structured Exception Handler (SEH) overwrite exploitation technique. SEH overwrites are commonly used by exploits that target the increasing number of browser-based vulnerabilities. The SEHOP mitigation technique is made possible by an implicit side effect of an SEH overwrite. In the majority of stack-based buffer overflows, an attacker implicitly overwrites the next pointer of an exception registration record before overwriting the record's exception handler function pointer. Because the next pointer is corrupted, the integrity of the exception handler chain is broken. This insight, in combination with ASLR, is what allows SEHOP to effectively mitigate SEH overwrites. For more information about SEHOP, go to the Microsoft TechNet Blogs at http://blogs.technet.com/b/srd/archive/2009/02/02/preventing-the-exploitation-of-seh-overwrites-with-sehop.aspx.
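The chain-integrity check described above can be modelled in portable C. This is an added example, not code from this page or from Microsoft; the record layout, the constructed stack_model and the names chain_is_intact, overflow and final_handler are simplified assumptions rather than the real Windows structures.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of an exception registration record (assumed layout). */
typedef struct seh_record {
    struct seh_record *next;   /* overwritten first by a linear overflow */
    void (*handler)(void);     /* overwritten only after next */
} seh_record;

#define CHAIN_END ((seh_record *)(uintptr_t)-1)
static void final_handler(void) {}  /* stands in for the final validation handler */
static void app_handler(void) {}

/* Constructed stack: a local buffer directly below its frame's record. */
struct stack_model { char buf[16]; seh_record frame_rec; seh_record final_rec; };

static void stack_init(struct stack_model *s) {
    memset(s, 0, sizeof *s);
    s->final_rec = (seh_record){ CHAIN_END, final_handler };
    s->frame_rec = (seh_record){ &s->final_rec, app_handler };
}

/* Walk the chain before dispatch; 1 only if it ends at the final record. */
int chain_is_intact(const struct stack_model *s) {
    uintptr_t lo = (uintptr_t)s, hi = lo + sizeof *s;
    const seh_record *r = &s->frame_rec;
    for (int i = 0; i < 32; i++) {            /* bound the walk against loops */
        uintptr_t p = (uintptr_t)r;
        if (p < lo || p > hi - sizeof *r || p % sizeof(void *))
            return 0;                         /* record outside the stack: reject */
        if (r->next == CHAIN_END)
            return r->handler == final_handler;
        r = r->next;
    }
    return 0;
}

/* Model a linear overflow running `extra` bytes past the end of buf. */
void overflow(struct stack_model *s, size_t extra) {
    memset((unsigned char *)s + offsetof(struct stack_model, buf), 0x41,
           sizeof s->buf + extra);
}

int main(void) {
    struct stack_model s;
    stack_init(&s);
    printf("clean chain intact: %d\n", chain_is_intact(&s));
    overflow(&s, sizeof(seh_record));         /* clobbers next, then handler */
    printf("after overflow intact: %d\n", chain_is_intact(&s));
    return 0;
}
```

In this model the overwrite cannot reach the handler field without first destroying next, so the walk fails before any handler would be called.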

Null Page Protection (NullPage) - Pre-allocates the null page to prevent exploits from using it for malicious purposes.

...