diff --git a/windows/threat-protection/windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md index 8f3c3bfd49..0d8c59314c 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md +++ b/windows/threat-protection/windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md @@ -130,9 +130,9 @@ You can specify if certain apps should always be considered safe and given write You can use the Windows Defender Security Center app or Group Policy to add and remove apps that should be allowed to access protected folders. -When you add an app, you have to specify the app's location. Only the app in that location will be permitted access to the protected folders - if the app (with the same name) is located in a different location, then it will not be added to the whitelist and may be blocked by Controlled folder access. +When you add an app, you have to specify the app's location. Only the app in that location will be permitted access to the protected folders - if the app (with the same name) is located in a different location, then it will not be added to the allow list and may be blocked by Controlled folder access. -### Use the Windows Defender Security app to whitelist specific apps +### Use the Windows Defender Security app to allow specific apps 1. Open the Windows Defender Security Center by clicking the shield icon in the task bar or searching the start menu for **Defender**. @@ -146,7 +146,7 @@ When you add an app, you have to specify the app's location. Only the app in tha ![Screenshot of the add an allowed app button](images/cfa-allow-app.png) -### Use Group Policy to whitelist specific apps +### Use Group Policy to allow specific apps 1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**. @@ -160,13 +160,13 @@ When you add an app, you have to specify the app's location. Only the app in tha -### Use PowerShell to whitelist specific apps +### Use PowerShell to allow specific apps 1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator** 2. Enter the following cmdlet: ```PowerShell - Add-MpPreference -ControlledFolderAccessAllowedApplications "" + Add-MpPreference -ControlledFolderAccessAllowedApplications "" ``` For example, to add the executable *test.exe*, located in the folder *C:\apps*, the cmdlet would be as follows: @@ -186,7 +186,7 @@ Continue to use `Add-MpPreference -ControlledFolderAccessAllowedApplications` to -### Use MDM CSPs to whitelist specific apps +### Use MDM CSPs to allow specific apps Use the [./Vendor/MSFT/Policy/Config/Defender/GuardedFoldersAllowedApplications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-guardedfoldersallowedapplications) configuration service provider (CSP) to allow apps to make changes to protected folders. diff --git a/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md index 29e9b9c68f..817038ca1c 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md +++ b/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md @@ -35,7 +35,7 @@ There are four features in Windows Defender EG: - [Exploit protection](exploit-protection-exploit-guard.md) can apply exploit mitigation techniques to apps your organization uses, both individually and to all apps - [Attack surface reduction rules](attack-surface-reduction-exploit-guard.md) can reduce the attack surface of your applications with intelligent rules that stop the vectors used by Office-, script- and mail-based malware -- [Network protection](network-protection-exploit-guard.md) extends the malware and social engineering protection offered by Windows Defender SmartScreen in Edge to cover network traffic and connectivity on your organization's devices +- [Network protection](network-protection-exploit-guard.md) extends the malware and social engineering protection offered by Windows Defender SmartScreen in Microsoft Edge to cover network traffic and connectivity on your organization's devices - [Controlled folder access](controlled-folders-exploit-guard.md) helps protect files in key system folders from changes made by malicious and suspicious apps, including file-encrypting ransomware malware