From d6a894d0ff4c31da6288334b36016ea24b8d86ed Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Fri, 28 Jun 2019 16:20:39 +0530 Subject: [PATCH 1/3] added two new commands for exporting and importing .xml files Taken example from Windows 10 v1903 build no 18362.207. added two commands under export of configuration file and import of configuration file --- .../import-export-exploit-protection-emet-xml.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md b/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md index c9851d72d1..14c37305cc 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md @@ -70,6 +70,9 @@ When you have configured exploit protection to your desired state (including bot Change `filename` to any name or location of your choosing. +example command +**Get-ProcessMitigation -RegistryConfigFilePath C:\ExploitConfigfile.xml** + > [!IMPORTANT] > When you deploy the configuration using Group Policy, all machines that will use the configuration must be able to access the configuration file. Ensure you place the file in a shared location. @@ -91,6 +94,10 @@ After importing, the settings will be instantly applied and can be reviewed in t Change `filename` to the location and name of the exploit protection XML file. +example command +**Set-ProcessMitigation -PolicyFilePath C:\ExploitConfigfile.xml** + + >[!IMPORTANT] > >Ensure you import a configuration file that is created specifically for exploit protection. You cannot directly import an EMET configuration file, you must convert it first. @@ -151,6 +158,7 @@ You can use Group Policy to deploy the configuration you've created to multiple - C:\MitigationSettings\Config.XML - \\\Server\Share\Config.xml - https://localhost:8080/Config.xml + - C:\ExploitConfigfile.xml 8. Click **OK** and [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/library/ee663280(v=vs.85).aspx). From 9d4e986336654883cb87c97a0f48720d6e6aed9f Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Thu, 18 Jul 2019 11:01:09 +0530 Subject: [PATCH 2/3] Update windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md agreed Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../import-export-exploit-protection-emet-xml.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md b/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md index 14c37305cc..032f11b8cf 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md @@ -70,7 +70,7 @@ When you have configured exploit protection to your desired state (including bot Change `filename` to any name or location of your choosing. -example command +Example command **Get-ProcessMitigation -RegistryConfigFilePath C:\ExploitConfigfile.xml** > [!IMPORTANT] From 886b7cc6ad8ac26510112184343649d96c704941 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Thu, 18 Jul 2019 11:01:29 +0530 Subject: [PATCH 3/3] Update windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md agreed Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../import-export-exploit-protection-emet-xml.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md b/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md index 032f11b8cf..676188aa12 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md @@ -94,7 +94,7 @@ After importing, the settings will be instantly applied and can be reviewed in t Change `filename` to the location and name of the exploit protection XML file. -example command +Example command **Set-ProcessMitigation -PolicyFilePath C:\ExploitConfigfile.xml**