Buffer Overflow Protection (BOP) detection events are reported after the installation of VSE 8.8 Patch 4 or later. These violations did not occur or were not reported with previous patch versions or VSE releases.
Example of a BOP log entry (from an English system):
2/27/2014 3:15:18 PM Blocked by Buffer Overflow Protection DOMAIN\User C:\Program Files\Microsoft Office97\Office\MSACCESS.EXE:NTDLL.KiUserExceptionDispatcher::1bfe08 BO:Writable BO:Heap
Example of a BOP log entry (from a Spanish system):
20/02/2014 13:04:19 Bloqueado por la protección contra desbordamientos de búfer DOMAIN\User C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE:NTDLL.KiUserExceptionDispatcher::3ba3d58 Desbordamiento de búfer:de escritura Desbordamiento de búfer:pila
General explanation of a BOP log entry:
<date> <time> <Action taken by BOP, which is to BLOCK or to WARN> <User Account><Path to the victim process>:NTDLL.KiUserExceptionDispatcher::<address> <Type of Buffer Overrun>
Dump information from a process that is blocked:
PRIMARY_PROBLEM_CLASS: SOFTWARE_NX_FAULT
BUGCHECK_STR: APPLICATION_FAULT_SOFTWARE_NX_FAULT