To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.
Date
Update
July 22, 2020
Shortened the title and replaced the PD links.
July, 27 2017
Added links to content on how to configure the VSE Buffer Overflow policy.
问题
An entry similar to the following is displayed in the BufferOverFlow Protection (BOP) log:
Blocked by Buffer Overflow Protection 8DM2BS1\DASASOL C:\ProgramFiles\InternetExplorer\iexplore.exe: NTDLL.KiUserExceptionDispatcher::4830000 BO:Writable BO:Heap
解决方案
If the identified process action is valid, create an exclusion to allow the process to run.
Process example:
Process: iexplore.exe
Module: NTDLL
API: KiUserExceptionDispatcher
You can optionally exclude the API, and this requirement is only if you are excluding the module. Generally, a process exclusion suffices for the average use case.
To configure the VSE policy, see the following content:
To create exclusions for Buffer OverFlow in VirusScan Enterprise 8.x, see KB84283.
