Blocking buffer overflow exploits

Exploit Prevention stops exploited buffer overflows from executing arbitrary code. This feature monitors user-mode API calls and recognizes when they are called as a result of a buffer overflow.

When a detection occurs, information is recorded in the activity log, displayed on the client system, and sent to the management server, if configured.

Threat Prevention uses the Exploit Prevention content file to protect applications such as Microsoft Internet Explorer, Microsoft Outlook, Outlook Express, Microsoft Word, and MSN Messenger.

Note: Host Intrusion Prevention 8.0 can be installed on the same system as Endpoint Security version 10.5. If McAfee Host IPS is enabled, Exploit Prevention is disabled even if enabled in the policy settings.