Exploit Protection: Structured Exception Handling Overwrite Protection (SEHOP) must be enabled

d50f88d1-0103-4194-9add-21f3846dc0d2

Attackers are constantly looking for vulnerabilities in systems and applications. Structured Exception Handling Overwrite Protection (SEHOP) blocks exploits that use the Structured Exception Handling overwrite technique, a common buffer overflow attack.

Remediation

To fix this, configure the policy value for
Computer Configuration
|_ Administrative Templates
|_ MS Security Guide
|_ "Enable Structured Exception Handling Overwrite Protection (SEHOP)" to "Enabled".

This policy setting requires the installation of the SecGuide custom templates. "SecGuide.admx" and "SecGuide.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively. For domain controllers, the folder is C:\Windows\SYSVOL\domain\Policies\PolicyDefinitions\.

Available here: https://www.microsoft.com/en-us/download/details.aspx?id=55319 / https://public.cyber.mil/stigs/gpo/
or at the EventSentry GitHub repository here: https://github.com/eventsentry/resources
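
To confirm the policy has taken effect and the templates are in place, the following read-only PowerShell audit can be run on the endpoint. It is an added example, not part of the original check or of EventSentry's code. The registry location (DisableExceptionChainValidation under Session Manager\kernel) is an assumption taken from Microsoft's SEHOP documentation and the linked STIG finding rather than from this page, and the function names are hypothetical.

```powershell
# Added example: read-only audit of SEHOP state and SecGuide template placement.
# Assumption: registry path/value come from Microsoft's SEHOP documentation and
# the linked STIG finding, not from this page.
$KeyPath   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\kernel'
$ValueName = 'DisableExceptionChainValidation'

function Test-SehopEnabled {
    # $true only when the value exists and equals 0 (SEHOP enforced).
    # The STIG check treats a missing value as a finding, so missing -> $false.
    $item = Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $false }
    return ([int]$item.$ValueName -eq 0)
}

function Get-SecGuideTemplateStatus {
    # Checks the local policy store and, when it exists, the SYSVOL store
    # the remediation text names for domain controllers.
    $stores = @(
        "$env:SystemRoot\PolicyDefinitions",
        "$env:SystemRoot\SYSVOL\domain\Policies\PolicyDefinitions"
    )
    foreach ($store in $stores) {
        if (-not (Test-Path -LiteralPath $store)) { continue }
        [pscustomobject]@{
            Store = $store
            Admx  = Test-Path -LiteralPath (Join-Path $store 'SecGuide.admx')
            Adml  = Test-Path -LiteralPath (Join-Path $store 'en-US\SecGuide.adml')
        }
    }
}

$enabled = Test-SehopEnabled
[pscustomobject]@{
    Computer     = $env:COMPUTERNAME
    SehopEnabled = $enabled
    Finding      = if ($enabled) { 'Compliant' } else { 'Open: value missing or not 0' }
} | Format-List

# Missing templates do not change enforcement, but the setting will not be
# visible or editable in the Group Policy editor until they are copied.
Get-SecGuideTemplateStatus | Format-Table -AutoSize
```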

STIG: Desktop:
W11: https://www.stigviewer.com/stig/microsoft_windows_11/2023-09-29/finding/V-253284
W10: https://www.stigviewer.com/stig/microsoft_windows_10/2023-09-29/finding/V-220727 / https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220727

NIST 800-53: CM-7(2)
NIST 800-171 Rev 2: 3.4.7
NIST 800-171 Rev 3 FPD: 3.4.8.a, 3.4.8.b, 3.4.8.c
CMMC v2 L2: CM.L2-3.4.7