Reference Guide
Security Management Server v10.2.10 AdminHelp
195
Security\Endpoint Security
Platform
\VSCore_ENS_10.1\x64\mfemms.exe
\
Program Files (x86)\McAfee\Endpoint
Security
\Endpoint Security
Platform
\VSCore_ENS_10.1\x64\mfevtps.exe
\
Program Files (x86)\McAfee\Endpoint
Security
\Endpoint Security
Platform
\VSCore_ENS_10.1\x64\mmsinfo.exe
\
Program Files (x86)\McAfee\Endpoint
Security
\Endpoint Security
Platform
\VSCore_ENS_10.1\x64\vtpinfo.exe
\
Program Files (x86)\McAfee\Endpoint Security\Web
Control
\McChHost.exe
\
Program Files (x86)\McAfee\Endpoint Security\Web
Control
\mfewc.exe
\
Program Files (x86)\McAfee\Endpoint Security\Web
Control
\mfewch.exe
\
Program Files (x86)\McAfee\Endpoint Security\Web
Control
\mfewcui.exe
\
Program Files (x86)\McAfee\Endpoint Security\Web
Control
\RepairCache\McAfee_Web_Control_x64.msi
\
Program Files (x86)\McAfee\Endpoint Security\Web
Control
\RepairCache\setupWC.exe
\
Program Files (x86)\McAfee\Endpoint Security\Web
Control
\x64\mfewch.exe
\
Windows\System32\mfevtps.exe
\
Program Files\McAfee\Endpoint Security\Endpoint
Security Platform
\LogDebugSetter.exe
\
Program Files\McAfee\Endpoint
Security
\MfeUpgradeTool.exe
Exploitation:
Stack Pivot
Alert
Ignore
Alert
Block
Terminate
Specify the action t
o take when a stack pivot threat is
detected.
Ignore
- No action is taken against identified memory
violat
ions.
Alert
- Record the violation and report the incident to
the Dell Server.
Block
- Block the process call if an application attempts
to call a mem
ory violation process. The application that
ma
de the call is allowed to continue to run.
Terminate
- Block the process call if an application
attem
pts to call a memory violation process and terminate
the application that made the call.
Stack Pivot
- The stack for a thread has been replaced
with a diff
erent stack. Generally the system will only
allocate a single stack for a thread. An attacker would
u
se a different stack to control execution in a way that
is not blocked by Data Execution Prevention (
DEP).
Th
e Stack Pivot exploitation affects Windows and macOS
operating sys
tems.