Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
386
Views
3
Helpful
1
Replies

CSA500186 always trigers rule 178

teperjesi
Level 1
Level 1

‎04-27-2006 06:02 AM - edited ‎03-10-2019 01:59 AM

Hi,

All applications, I started on my latop, triger the rule 178.

"The process 'C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE' (as user KFKI\eperjesitamas) attempted to call the function VirtualProtect from a buffer (the return address was 0xa524e6). The code at this address is '8b55086a 00546a40 5152ff15 04c6a500 5983f800 74138b4d 0c8b5508 5152ff15' This either happens when a process uses self-modifying code or when a process has been subverted by a buffer overflow attack. The operation was allowed. "

Is this normal and I need to allow all my softwares to run?

Labels:
0 Helpful
1 Reply 1

tsteger1
Level 8
Level 8

‎04-27-2006 08:42 PM

1. Is this only your laptop?

If so, it may be something else you have installed or the way Outlook is configured.

2. Is the code pattern always the same?

If so, you could create an exception based on the code pattern when Outlook makes that call from a buffer.

Tom S

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card