From 2c20c40617114bc24b0af6f360d45c45e257af0f Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 15 Jul 2020 15:47:20 -0700 Subject: [PATCH] Update enable-exploit-protection.md --- .../enable-exploit-protection.md | 36 ++++++++++++------- 1 file changed, 24 insertions(+), 12 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md index b0cad379e8..2251cef5dc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md @@ -108,13 +108,18 @@ The result will be that DEP will be enabled for *test.exe*. DEP will not be enab ## Intune 1. Sign in to the [Azure portal](https://portal.azure.com) and open Intune. + 2. Click **Device configuration** > **Profiles** > **Create profile**. -3. Name the profile, choose **Windows 10 and later** and **Endpoint protection**. - ![Create endpoint protection profile](../images/create-endpoint-protection-profile.png) + +3. Name the profile, choose **Windows 10 and later** and **Endpoint protection**.
+ ![Create endpoint protection profile](../images/create-endpoint-protection-profile.png)
+ 4. Click **Configure** > **Windows Defender Exploit Guard** > **Exploit protection**. -5. Upload an [XML file](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-exploitguard) with the exploit protection settings: - ![Enable network protection in Intune](../images/enable-ep-intune.png) + +5. Upload an [XML file](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-exploitguard) with the exploit protection settings:
![Enable network protection in Intune](../images/enable-ep-intune.png)
+ 6. Click **OK** to save each open blade and click **Create**. + 7. Click the profile **Assignments**, assign to **All Users & All Devices**, and click **Save**. ## MDM @@ -124,19 +129,26 @@ Use the [./Vendor/MSFT/Policy/Config/ExploitGuard/ExploitProtectionSettings](htt ## Microsoft Endpoint Configuration Manager 1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**. -1. Click **Home** > **Create Exploit Guard Policy**. -1. Enter a name and a description, click **Exploit protection**, and click **Next**. -1. Browse to the location of the exploit protection XML file and click **Next**. -1. Review the settings and click **Next** to create the policy. -1. After the policy is created, click **Close**. + +2. Click **Home** > **Create Exploit Guard Policy**. + +3. Enter a name and a description, click **Exploit protection**, and click **Next**. + +4. Browse to the location of the exploit protection XML file and click **Next**. + +5. Review the settings and click **Next** to create the policy. + +6. After the policy is created, click **Close**. ## Group Policy 1. On your Group Policy management device, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**. -1. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**. -2. Expand the tree to **Windows components** > **Windows Defender Exploit Guard** > **Exploit Protection** > **Use a common set of exploit protection settings**. -3. Click **Enabled** and type the location of the [XML file](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-exploitguard) and click **OK**. +2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**. + +3. Expand the tree to **Windows components** > **Windows Defender Exploit Guard** > **Exploit Protection** > **Use a common set of exploit protection settings**. + +4. Click **Enabled** and type the location of the [XML file](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-exploitguard) and click **OK**. ## PowerShell