Closed mlosapio closed 6 years ago
mlosapio
commented
6 years ago Since github flags this as a binary this is the line added to the file:
MACHINE\System\CurrentControlSet\Control\Session Manager\Kernel\DisableExceptionChainValidation=4,0```Per the issue - this is the wrong way to accomplish this task if you're on 1709.
iadgovuser1
commented
6 years ago I'm pretty the Exploit Guard config that we have takes care of this. That config will be released once the new version of the SHB is released (soon).
Need to add SEHOP lockdown per: https://www.stigviewer.com/stig/windows_10/2016-11-03/finding/V-68849 Issue: https://github.com/iadgov/Secure-Host-Baseline/issues/50