Windows operating systems such as Windows Vista Service Pack 1, Windows Server 2008 and Windows Server 2008 R2 support Structured Exception Handling Overwrite Protection (SEHOP). SEHOP blocks exploits that use the Structured Exception Handler (SEH) overwrite technique. The protection is applied at run time, so it covers your applications regardless of whether they were compiled with newer options such as SAFESEH. If you are using any of the Windows operating systems listed above, it is a good idea to enable SEHOP, as it improves the security profile of your computer.
The Microsoft web site offers an easy-to-use automatic option to enable SEHOP on your system. An interesting fact about the automatic fix wizard offered by Microsoft is that you do not have to run it on a computer that is already working flawlessly. Just save the automatic fix to a flash drive or a CD and run it when you encounter a problem on your system. However, the automatic wizard will not work if you are using Windows Server 2008 R2 or Windows 7. It was designed for Windows Vista Service Pack 1 and Windows Server 2008. On systems running Windows 7 or Windows Server 2008 R2, you need to follow a few simple steps to enable SEHOP manually.
If you are enabling SEHOP yourself, be aware that any mistake made while modifying the registry can cause serious errors on your system. It is a good idea to create a backup of the registry before you make any changes to it. This gives you the option to restore the registry if something goes wrong while you enable SEHOP.
Follow these simple steps carefully to enable SEHOP manually:
· Click START and then RUN. Type regedit and then press the ENTER key.
· Locate the registry entry 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\DisableExceptionChainValidation'. If you cannot find DisableExceptionChainValidation under the kernel subkey, create it as follows: right-click kernel, point to New, and then click DWORD Value. Type DisableExceptionChainValidation and press the ENTER key.
· Double-click DisableExceptionChainValidation, change the value of this registry entry to zero, and click OK. Note that a value of 1 disables SEHOP and a value of 0 enables it.
· Now exit the Registry Editor of your system.
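The same manual procedure can be scripted. The PowerShell below is an added example, not part of the original article or of Microsoft's fix: it backs up the kernel key, creates DisableExceptionChainValidation if it is missing, sets it to 0 and verifies the result. The backup file location ($Backup) is an assumption; change it to suit your system.

```powershell
# Added example: enable SEHOP by setting DisableExceptionChainValidation to 0.
$KeyPath   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\kernel'
$RegPath   = 'HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel'
$ValueName = 'DisableExceptionChainValidation'
$Backup    = Join-Path $env:TEMP 'kernel-key-backup.reg'   # assumed backup location

# Writing under HKEY_LOCAL_MACHINE requires an elevated session.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated PowerShell prompt.'
}

# Back up the key before changing it, so it can be restored if something goes wrong.
& reg.exe export $RegPath $Backup /y | Out-Null
if ($LASTEXITCODE -ne 0) {
    throw "Registry backup failed (reg.exe exit code $LASTEXITCODE)."
}

# Read the current setting; $current is $null when the value does not exist yet.
$current = (Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue).$ValueName

if ($null -eq $current) {
    # Value is missing: create it as a DWORD set to 0 (SEHOP enabled).
    New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType DWord -Value 0 | Out-Null
    $before = 'not present'
} else {
    $before = $current
    if ($current -ne 0) {
        # Value exists with a non-zero setting (1 disables SEHOP): reset it to 0.
        Set-ItemProperty -Path $KeyPath -Name $ValueName -Value 0
    }
}

# Verify what was actually written before reporting success.
$final = (Get-ItemProperty -Path $KeyPath -Name $ValueName).$ValueName
if ($final -ne 0) {
    throw "$ValueName is $final, expected 0. Restore from $Backup if needed."
}
"SEHOP enabled: $ValueName was $before, is now $final. Backup saved to $Backup"
```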
Most of the time when you enable SEHOP on your system, the present versions of software such as Cygwin, Skype, and applications protected by Armadillo may not work properly. Updating these applications will resolve the issue.