Default Action and Mitigation SettingsID: oval:org.secpod.oval:def:82908 | Date: (C)2022-08-12 (M)2023-07-31 |
Class: COMPLIANCE | Family: windows |
Configure default action after detection and advanced ROP mitigation settings
Fix:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\EMET\Default Action and Mitigation Settings
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\EMET\SysSettings!DeepHooks
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\EMET\SysSettings!AntiDetours
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\EMET\SysSettings!BannedFunctions
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\EMET\SysSettings!ExploitAction
Platform: |
Microsoft Windows Server 2012 |