said by Rebirth:If you run Procmon from Sysinternals, you'll be Amazed at just how many BO's you'll see, from ALL sorts of legit Apps & Processes. etc. "Aparently" is quite normal, from what i've read !
Those aren't buffer overflows, those are just unfortunately-named Windows error codes.
ERROR_BUFFER_OVERFLOW is an error code returned by a number of API calls when the buffer provided by the user - which includes the size - is not sufficient for the API function to put the result there.
you: Hey Windows, here is a buffer of 100 bytes, stick the answer here
Win: Sorry, 100 bytes is too small, you need 150 bytes.
That is an ERROR_BUFFER_OVERFLOW error, and it means the application has to allocate a bit more memory and try again. This is a common exchange, and no
actual overflow of anything has occurred.
You can't really see a real-deal buffer overflow with Process Monitor.