Reference Guide
Security Management Server - AdminHelp v9.8
195
Exploitation: Stack
Pivot
Alert
Ignore
Alert
Block
Terminate
Specify the action to take when a stack pivot threat is
detected.
Ignore - No action is taken against identified memory
violations.
Alert -
Record the violation and report the incident to the Dell
Server.
Block - Block the process call if an application attempts to
call a memory violation process. The application that made
the call is allowed to continue to run.
Terminate - Block the process call if an application attempts
to call a memory violation process and terminate the
application that made the call.
Stack Pivot - The stack for a thread has been replaced with a
different stack. Generally the system will only allocate a
single stack for a thread. An attacker would use a different
stack to control execution in a way that is not blocked by
Data Execution Prevention (DEP).
The Stack Pivot exploitation affects Windows and macOS
operating systems.
Exploitation: Stack
Protect
Alert
Ignore
Alert
Block
Terminate
Specify the action to take when a stack protect threat is
detected.
Ignore - No action is taken against identified memory
violations.
Alert -
Record the violation and report the incident to the Dell
Server.
Block - Block the process call if an application attempts to
call a memory violation process. The application that made
the call is allowed to continue to run.
Terminate - Block the process call if an application attempts
to call a memory violation process and terminate the
application that made the call.
Stack Protect - The memory protection of a thread's stack has
been modified to enable execution permission. Stack memory
should not be executable, so usually this means that an
attacker is preparing to run malicious code stored in stack
memory as part of an exploit, an attempt which would
otherwise be blocked by Data Execution Prevention (DEP).
The Stack Protect exploitation affects Windows and macOS
operating systems.