This setting allows you to configure the EMET system-wide Structured Exception Handler Overwrite Protection (SEHOP) mitigation setting. This feature is designed to block exploits that use the Structured Exception Handler (SEH) overwrite technique. This protection mechanism is provided at run-time. Therefore, it helps protect applications regardless of whether they have been compiled with the latest improvement or not. If you enable this setting, the EMET system-wide SEHOP mitigation is enabled. If you disable or do not configure this setting, the EMET system-wide SEHOP mitigation is disabled.

[Application Opt-Out/Application Opt-In]

(1) GPO: Computer Configuration\Administrative Templates\Windows Components\EMET!System SEHOP (2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\EMET\SysSettings!SEHOP