diff --git a/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md b/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md index 55dd84f8c5..95806be4e6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md +++ b/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md @@ -53,27 +53,28 @@ When you have configured exploit protection to your desired state (including bot 3. At the bottom of the **Exploit protection** section, click **Export settings** and then choose the location and name of the XML file where you want the configuration to be saved. -> [!IMPORTANT] -> If you want to use Default configuration, use the settings "On by default" instead of "Use Default (On)" to get the settings exported correctly on the XML file. + > [!IMPORTANT] + > If you want to use Default configuration, use the settings "On by default" instead of "Use Default (On)" to get the settings exported correctly on the XML file. -![Highlight of the Export Settings option](../images/wdsc-exp-prot-export.png) + ![Highlight of the Export Settings option](../images/wdsc-exp-prot-export.png) -> [!NOTE] -> When you export the settings, all settings for both app-level and system-level mitigations are saved. This means you don't need to export a file from both the **System settings** and **Program settings** sections - either section will export all settings. + > [!NOTE] + > When you export the settings, all settings for both app-level and system-level mitigations are saved. This means you don't need to export a file from both the **System settings** and **Program settings** sections—either section will export all settings. ### Use PowerShell to export a configuration file -1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator** +1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**. 2. Enter the following cmdlet: ```PowerShell Get-ProcessMitigation -RegistryConfigFilePath filename.xml ``` -Change `filename` to any name or location of your choosing. + Change `filename` to any name or location of your choosing. -Example command -**Get-ProcessMitigation -RegistryConfigFilePath C:\ExploitConfigfile.xml** + Example command: + + **Get-ProcessMitigation -RegistryConfigFilePath C:\ExploitConfigfile.xml** > [!IMPORTANT] > When you deploy the configuration using Group Policy, all machines that will use the configuration must be able to access the configuration file. Ensure you place the file in a shared location. @@ -86,17 +87,18 @@ After importing, the settings will be instantly applied and can be reviewed in t ### Use PowerShell to import a configuration file -1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator** +1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**. 2. Enter the following cmdlet: ```PowerShell Set-ProcessMitigation -PolicyFilePath filename.xml ``` -Change `filename` to the location and name of the exploit protection XML file. + Change `filename` to the location and name of the exploit protection XML file. -Example command -**Set-ProcessMitigation -PolicyFilePath C:\ExploitConfigfile.xml** + Example command: + + **Set-ProcessMitigation -PolicyFilePath C:\ExploitConfigfile.xml** > [!IMPORTANT] > @@ -116,14 +118,14 @@ You can only do this conversion in PowerShell. > > You can then convert that file using the PowerShell cmdlet described here before importing the settings into Exploit protection. -1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator** +1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**. 2. Enter the following cmdlet: ```PowerShell ConvertTo-ProcessMitigationPolicy -EMETFilePath emetFile.xml -OutputFilePath filename.xml ``` -Change `emetFile` to the name and location of the EMET configuration file, and change `filename` to whichever location and file name you want to use. + Change `emetFile` to the name and location of the EMET configuration file, and change `filename` to whichever location and file name you want to use. > [!IMPORTANT] > @@ -151,7 +153,7 @@ You can use Group Policy to deploy the configuration you've created to multiple 4. Double-click the **Use a common set of Exploit protection settings** setting and set the option to **Enabled**. -5. In the **Options::** section, enter the location and filename of the Exploit protection configuration file that you want to use, such as in the following examples: +5. In the **Options::** section, enter the location and file name of the Exploit protection configuration file that you want to use, such as in the following examples: * C:\MitigationSettings\Config.XML * \\\Server\Share\Config.xml