deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 22:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #2256 from markwoMSFT/patch-2

Browse Source 
Change kernal to kernel
This commit is contained in:
Jeanie Decker 2018-12-03 05:34:18 -08:00 committed by GitHub
commit 43d3ff99a9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 25 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
windows/security/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md
View File

@ -144,30 +144,30 @@ You can access these events in Windows Event viewer:
Feature | Provider/source | Event ID | Description
:-|:-|:-:|:-
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 1 | ACG audit
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 2 | ACG enforce
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 3 | Do not allow child processes audit
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 4 | Do not allow child processes block
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 5 | Block low integrity images audit
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 6 | Block low integrity images block
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 7 | Block remote images audit
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 8 | Block remote images block
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 9 | Disable win32k system calls audit
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 10 | Disable win32k system calls block
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 11 | Code integrity guard audit
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 12 | Code integrity guard block
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 13 | EAF audit
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 14 | EAF enforce
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 15 | EAF+ audit
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 16 | EAF+ enforce
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 17 | IAF audit
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 18 | IAF enforce
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 19 | ROP StackPivot audit
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 20 | ROP StackPivot enforce
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 21 | ROP CallerCheck audit
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 22 | ROP CallerCheck enforce
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 23 | ROP SimExec audit
Exploit protection | Security-Mitigations (Kernal Mode/User Mode) | 24 | ROP SimExec enforce
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 1 | ACG audit
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 2 | ACG enforce
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 3 | Do not allow child processes audit
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 4 | Do not allow child processes block
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 5 | Block low integrity images audit
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 6 | Block low integrity images block
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 7 | Block remote images audit
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 8 | Block remote images block
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 9 | Disable win32k system calls audit
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 10 | Disable win32k system calls block
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 11 | Code integrity guard audit
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 12 | Code integrity guard block
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 13 | EAF audit
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 14 | EAF enforce
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 15 | EAF+ audit
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 16 | EAF+ enforce
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 17 | IAF audit
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 18 | IAF enforce
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 19 | ROP StackPivot audit
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 20 | ROP StackPivot enforce
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 21 | ROP CallerCheck audit
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 22 | ROP CallerCheck enforce
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 23 | ROP SimExec audit
Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 24 | ROP SimExec enforce
Exploit protection | WER-Diagnostics | 5 | CFG Block
Exploit protection | Win32K (Operational) | 260 | Untrusted Font
Network protection | Windows Defender (Operational) | 5007 | Event when settings are changed