There are options for enabling or disabling each of the four memory control features:
Buffer overflow detection
Unusual memory allocations
Unusual memory permission changes
Disabling Data Execution Prevention
In addition, for each feature, you can enable an exception list and add exceptions to the default behavior.
For each exception you can specify the following parameters:
Action: Select Allow or Deny. The policy ignores disabled rules.
Logging: Select Log, Log as trivial, or Do not log.
Process and Module Attributes: Specify the attributes necessary to identify the process and/or module you want in the rule.
Rule Name: Specify an internal rule name. Rule names are carried through the system and are recorded in each event that is generated by its corresponding rule in the policy. This information can be used for reporting and policy adjustment purposes.
Comment: Type a description of the rule.
Imported Document ID: HOWTO95357
Subscribing will provide email updates when this Article is updated. Login is required.