
Keep your Vista PC safe with this hidden security setting

25 November 2009, Mike Williams

The holy grail for hackers is finding a way to make you run their code without even realising, and that often requires considerable low-level knowledge of how Windows works. For example, every program has its own exception handlers, small pieces of software that are used to handle events outside of the flow of normal code (a divide by zero error, say). If an exception occurs, the program passes control to the memory address of its handler. But hackers have developed a technique that allows them to overwrite the exception handler’s address with the location of their own code. If they can then trigger an exception, your program will run their code, and that’s it – you’re infected.

Microsoft know this is a problem, though, and have developed effective counter-measures: SEHOP (Structured Exception Handler Overwrite Protection). New programs are compiled in a way that makes it much harder to overwrite exception handler addresses. And Windows can now actually check that your exception handler list hasn’t been altered before it calls any code – but that’s where there’s a problem.
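A simplified model of the kind of check described above, added here as an illustration; it is not Microsoft's code and not part of the original article. It assumes the validation works by walking the handler list and requiring that it stays on the stack and ends at a known, OS-owned final record; every name in it (seh_record, chain_is_valid, final_handler and so on) is hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* One entry in a thread's exception handler list. Simplified model:
   every name here is hypothetical, none of it is Windows source. */
struct seh_record {
    struct seh_record *next;  /* next record; NULL ends the list in this model */
    void (*handler)(void);    /* code that runs if an exception occurs */
};

#define MAX_RECORDS 64  /* walk limit, so a looped list cannot hang the check */

static void final_handler(void) { puts("final handler"); } /* OS-owned last entry */
static void app_handler(void) { puts("app handler"); }     /* a program's handler */

/* Returns 1 only if every record lies inside [lo, hi) and the list ends
   at a record whose handler is final_handler; otherwise returns 0. */
int chain_is_valid(struct seh_record *head, struct seh_record *lo, struct seh_record *hi)
{
    struct seh_record *r = head;
    for (int i = 0; i < MAX_RECORDS && r != NULL; i++) {
        if ((uintptr_t)r < (uintptr_t)lo || (uintptr_t)r >= (uintptr_t)hi)
            return 0;                            /* record is outside the stack */
        if (r->next == NULL)
            return r->handler == final_handler;  /* must end at the known entry */
        r = r->next;
    }
    return 0;                                    /* empty, too long, or looped */
}

/* Constructed sample data: a three-record "stack" plus memory outside it. */
static struct seh_record stack_area[3];
static struct seh_record outside = { NULL, app_handler };

/* c = 0: intact list, 1: first record overwritten, 2: list loops back. */
int check_case(int c)
{
    stack_area[0] = (struct seh_record){ &stack_area[1], app_handler };
    stack_area[1] = (struct seh_record){ &stack_area[2], app_handler };
    stack_area[2] = (struct seh_record){ NULL, final_handler };
    if (c == 1) stack_area[0] = (struct seh_record){ &outside, app_handler };
    if (c == 2) stack_area[1].next = &stack_area[0];
    return chain_is_valid(&stack_area[0], stack_area, stack_area + 3);
}

int main(void)
{
    for (int c = 0; c < 3; c++)
        printf("case %d: %s\n", c, check_case(c) ? "run handlers" : "refuse");
    return 0;
}
```

In this model an overwritten record fails the check because the link stored beside the handler address no longer leads to the known final record, so no handler is called.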

Microsoft weren’t initially sure of the effect SEHOP would have on applications, so it was turned off by default in Windows Vista (SP1 and later). Fair enough. It was later turned on by default in both Windows 7 and Server 2008, though, so you might assume Vista would be updated, right? Well, no – it’s still turned off. If you want this protection then you’ll need to turn on SEHOP for yourself.

Fortunately this is quite straightforward, though. Just run REGEDIT, go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel, double-click DisableExceptionChainValidation and set it to 0 (zero).

Reboot your PC and you’ll immediately be a little more secure, though perhaps with a chance of some reliability issues: Microsoft report that “existing versions of Cygwin, Skype, and Armadillo-protected applications may not work correctly” after turning on SEHOP. We noticed no visible change at all on a test PC and laptop, but it’s best to be careful, so test all your major applications to make sure they’re still running as you expect. And if you do have any problems, set DisableExceptionChainValidation back to 1 and reboot to turn off SEHOP and get back to normal.
