Symantec Endpoint Protection Manager (SEPM) 14 has a new feature named Generic Exploit Mitigation (GEM), which stops vulnerability attacks on Windows client computers. GEM is enabled by default in the Intrusion Prevention policy. You need to disable GEM for testing purposes.
To disable GEM:
1. In the SEPM console, in the left pane, click Policies, and then click Intrusion Prevention.
2. Right-click your Intrusion Prevention policy and select the Edit... menu option.
3. In the Intrusion Prevention Policy window, click Generic Exploit Mitigation.
4. Under Generic Exploit Mitigation, uncheck the Enable Generic Exploit Mitigation box, then click OK.
For 14.2 versions, please follow the steps below to disable Memory Exploit Mitigation (AKA GEM).