Prevx Home’s registry and buffer overflow protection features are implemented by hooking several native APIs in kernel space, which is done by modifying entries within the SDT ServiceTable. This means that a malicious program with Administrator privileges can disable these features by restoring the running kernel’s SDT ServiceTable with direct writes to \Device\PhysicalMemory. Verified against Prevx Home Version 1.0 Build 2.1.0.0 on WinXP SP0 and SP2.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/35136/prevxhome.txt
Source: https://packetstormsecurity.com/files/35136/prevxhome.txt.html

