deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-07-03 03:03:43 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merged PR 11030: 8/30 AM Publish

Browse Source
This commit is contained in:
Huaping Yu (Beyondsoft Consulting Inc)
2018-08-30 17:29:33 +00:00
parent 9b1038ee61 c5e95a0bb4
commit 67af546de2
13 changed files with 41 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
store-for-business/release-history-microsoft-store-business-education.md
View File

@ -8,7 +8,7 @@ ms.pagetype: store
author: TrudyHa
ms.author: TrudyHa
ms.topic: conceptual
ms.date: 07/31/2018
ms.date: 08/29/2018
---
# Microsoft Store for Business and Education release history
@ -17,6 +17,9 @@ Microsoft Store for Business and Education regularly releases new and improved f
Looking for info on the latest release? Check out [What's new in Microsoft Store for Business and Education](whats-new-microsoft-store-business-education.md)
## July 2018
- Bug fixes and permformance improvements.
## June 2018
- **Change order within private store collection** - Continuing our focus on improvements for private store, now you can customize the order of products in each private store collection.
- **Performance improvements in private store** - We continue to work on performance improvements in the private store. Now, most products new to your inventory are available in your private store within 15 minutes of adding them. [Get more info](https://docs.microsoft.com/microsoft-store/manage-private-store-settings#private-store-performance)
@ -44,15 +47,12 @@ Looking for info on the latest release? Check out [What's new in Microsoft Store
- **Microsoft Product and Services Agreement customers can invite people to take roles** - MPSA admins can invite people to take Microsoft Store for Business roles even if the person is not in their tenant. You provide an email address when you assign the role, and we'll add the account to your tenant and assign the role.
## December 2017
- Bug fixes and permformance improvements.
## November 2017
- **Export list of Minecraft: Education Edition users** - Admins and teachers can now export a list of users who have Minecraft: Education Edition licenses assigned to them. Click **Export users**, and Store for Education creates an Excel spreadsheet for you, and saves it as a .csv file.
## October 2017
- Bug fixes and permformance improvements.
## September 2017

12
store-for-business/whats-new-microsoft-store-business-education.md
View File

@ -8,7 +8,7 @@ ms.pagetype: store
author: TrudyHa
ms.author: TrudyHa
ms.topic: conceptual
ms.date: 07/31/2018
ms.date: 08/29/2018
---
# What's new in Microsoft Store for Business and Education
@ -17,9 +17,10 @@ Microsoft Store for Business and Education regularly releases new and improved f
## Latest updates for Store for Business and Education
**July 2018**
Weve been working on bug fixes and performance improvements to provide you a better experience. Stay tuned for new feature
**August 2018**
| | |
|-----------------------|---------------------------------|
| ![Private store performance icon](images/perf-improvement-icon.png) |**App requests**<br /><br /> People in your organization can make requests for apps that they need. They can also request them on behalf of other people. Admins review requests and can decide on purchases. <br /><br />[Get more info](https://docs.microsoft.com/microsoft-store/acquire-apps-microsoft-store-for-business#allow-app-requests)<br /><br />**Applies to**:<br /> Microsoft Store for Business <br /> Microsoft Store for Education |
<!---
Weve been working on bug fixes and performance improvements to provide you a better experience. Stay tuned for new features!
@ -33,6 +34,9 @@ Weve been working on bug fixes and performance improvements to provide you a
## Previous releases and updates
[July 2018](release-history-microsoft-store-business-education.md#july-2018)
- Bug fixes and performance improvements
[June 2018](release-history-microsoft-store-business-education.md#june-2018)
- Change order within private store collection
- Performance improvements in private store

2
windows/security/identity-protection/windows-credential-theft-mitigation-guide-abstract.md
View File

@ -15,7 +15,7 @@ ms.date: 04/19/2017
**Applies to**
- Windows 10
This topic provides a summary of the Windows 10 credential theft mitigation guide, which can be downloaded from the [Microsoft Download Center](https://download.microsoft.com/download/C/1/4/C14579CA-E564-4743-8B51-61C0882662AC/Windows 10 credential theft mitigation guide.docx).
This topic provides a summary of the Windows 10 credential theft mitigation guide, which can be downloaded from the [Microsoft Download Center](https://download.microsoft.com/download/C/1/4/C14579CA-E564-4743-8B51-61C0882662AC/Windows%2010%20credential%20theft%20mitigation%20guide.docx).
This guide explains how credential theft attacks occur and the strategies and countermeasures you can implement to mitigate them, following these security stages:
- Identify high-value assets

26
windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
View File

@ -6,37 +6,37 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.localizationpriority: medium
author: mdsakibMSFT
ms.date: 08/23/2018
ms.date: 08/2/2018
---
# Device Guard: Windows Defender Application Control Configurable Code Integrity and Virtualization-based security
# Device Guard: Windows Defender Application Control and Virtualization-based security
**Applies to**
- Windows 10
- Windows Server 2016
Windows 10 includes a set of hardware and OS technologies that, when configured together, allow enterprises to "lock down" Windows systems so they operate with many of the properties of mobile devices. In this configuration, specific technologies work together to restrict devices to only run authorized apps by using a feature called configurable code integrity (CI), while simultaneously hardening the OS against kernel memory attacks through the use of virtualization-based protection of code integrity (more specifically, HVCI).
Windows 10 includes a set of hardware and OS technologies that, when configured together, allow enterprises to "lock down" Windows systems so they operate with many of the properties of mobile devices. In this configuration, specific technologies work together to restrict devices to only run authorized apps by using a feature called configurable code integrity, while simultaneously hardening the OS against kernel memory attacks through the use of virtualization-based protection of code integrity (more specifically, HVCI).
Configurable CI and HVCI are very powerful protections that can be used separately. However, when these two technologies are configured to work together, they present a very strong protection capability for Windows 10 devices. Starting with the Windows 10 Anniversary Update (1607), this combined "configuration state" of Configurable CI and HVCI has been referred to as Windows Defender Device Guard.
Configurable code integrity policies and HVCI are very powerful protections that can be used separately. However, when these two technologies are configured to work together, they present a very strong protection capability for Windows 10 devices. This combined "configuration state" of configurable code integrity and HVCI has been referred to as Windows Defender Device Guard.
Using Configurable CI to restrict devices to only autherized apps has these advantages over other solutions:
Using configurable code integrity to restrict devices to only authorized apps has these advantages over other solutions:
1. Configurable CI policy is enforced by the Windows kernel itself. As such, the policy takes effect early in the boot sequence before nearly all other OS code and before traditional antivirus solutions run.
2. Configurable CI allows customers to set application control policy not only over code running in user mode, but also kernel mode hardware and software drivers and even code that runs as part of Windows.
3. Customers can protect the configurable CI policy even from local administrator tampering by digitally signing the policy. This would mean that changing the policy would require both administrative privilege and access to the organizations digital signing process, making it extremely difficult for an attacker with administrative privledge, or malicious software that managed to gain administrative privilege, to alter the application control policy.
4. The entire configurable CI enforcement mechanism can be protected by HVCI, where even if a vulnerability exists in kernel mode code, the likelihood that an attacker could successfully exploit it is significantly diminished. Why is this relevant? Thats because an attacker that compromises the kernel would otherwise have enough privilege to disable most system defenses and override the application control policies enforced by configurable CI or any other application control solution.
1. onfigurable code integrity policy is enforced by the Windows kernel itself. As such, the policy takes effect early in the boot sequence before nearly all other OS code and before traditional antivirus solutions run.
2. Configurable code integrity allows customers to set application control policy not only over code running in user mode, but also kernel mode hardware and software drivers and even code that runs as part of Windows.
3. Customers can protect the configurable code integrity policy even from local administrator tampering by digitally signing the policy. This would mean that changing the policy would require both administrative privilege and access to the organizations digital signing process, making it extremely difficult for an attacker with administrative privledge, or malicious software that managed to gain administrative privilege, to alter the application control policy.
4. The entire configurable code integrity enforcement mechanism can be protected by HVCI, where even if a vulnerability exists in kernel mode code, the likelihood that an attacker could successfully exploit it is significantly diminished. Why is this relevant? Thats because an attacker that compromises the kernel would otherwise have enough privilege to disable most system defenses and override the application control policies enforced by configurable code integrity or any other application control solution.
## (Re-)Introducing Windows Defender Application Control
When we originally designed the configuration state that we have referred to as Windows Defender Device Guard, we did so with a specific security promise in mind. Although there were no direct dependencies between the two main OS features of the Device Guard configuration, configurable CI and HVCI, we intentionally focused our discussion around the Device Guard lockdown state you achieve when deploying them together.
When we originally designed the configuration state that we have referred to as Windows Defender Device Guard, we did so with a specific security promise in mind. Although there were no direct dependencies between the two main OS features of the Device Guard configuration, configurable code integrity and HVCI, we intentionally focused our discussion around the Device Guard lockdown state you achieve when deploying them together.
However, the use of the term Device Guard to describe this configuration state has unintentionally left an impression for many IT professionals that the two features were inexorably linked and could not be deployed separately.
Additionally, given that HVCI relies on Windows virtualization-based security, it comes with additional hardware, firmware, and kernel driver compatibility requirements that some older systems cant meet.
As a result, many IT Professionals assumed that because some systems couldn't use HVCI, they couldnt use configurable CI either.
But configurable CI carries no specific hardware or software requirements other than running Windows 10, which means many IT professionals were wrongly denied the benefits of this powerful application control capability.
As a result, many IT Professionals assumed that because some systems couldn't use HVCI, they couldnt use configurable code integrity either.
But configurable code integrity carries no specific hardware or software requirements other than running Windows 10, which means many IT professionals were wrongly denied the benefits of this powerful application control capability.
Since the initial release of Windows 10, the world has witnessed numerous hacking and malware attacks where application control alone could have prevented the attack altogether. With this in mind, we are discussing and documenting configurable CI as a independent technology within our security stack and giving it a name of its own: [Windows Defender Application Control](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control).
Since the initial release of Windows 10, the world has witnessed numerous hacking and malware attacks where application control alone could have prevented the attack altogether. With this in mind, we are discussing and documenting configurable code integrity as a independent technology within our security stack and giving it a name of its own: [Windows Defender Application Control](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control).
We hope this change will help us better communicate options for adopting application control within an organization.
Does this mean Windows Defender Device Guard configuration state is going away? Not at all. The term Device Guard will continue to be used as a way to describe the fully locked down state achieved through the use of Windows Defender Application Control (WDAC), HVCI, and hardware and firmware security features. It also allows us to work with our OEM partners to identify specifications for devices that are “Device Guard capable” so that our joint customers can easily purchase devices that meet all of the hardware and firmware requirements of the original "Device Guard" locked down scenario for Windows 10 based devices.

8
windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md
View File

@ -38,10 +38,10 @@ These settings, located at **Computer Configuration\Administrative Templates\Win
|Name|Supported versions|Description|Options|
|-----------|------------------|-----------|-------|
|Configure Windows Defender Application Guard clipboard settings|Windows 10 Enterprise, 1709 or higher<br><br>Windows 10 Professional, 1803|Determines whether Application Guard can use the clipboard functionality.|**Enabled.** Turns On the clipboard functionality and lets you choose whether to additionally:<ul><li>Disable the clipboard functionality completely when Virtualization Security is enabled.</li><li>Enable copying of certain content from Application Guard into Microsoft Edge.</li><li>Enable copying of certain content from Microsoft Edge into Application Guard.<br><br>**Important**<br>Allowing copied content to go from Microsoft Edge into Application Guard can cause potential security risks and isn't recommended.</li></ul>**Disabled or not configured.** Completely turns Off the clipboard functionality for Application Guard.|
|Configure Windows Defender Application Guard print settings|Windows 10 Enterprise, 1709 or higher<br><br>Windows 10 Professional, 1803|Determines whether Application Guard can use the print functionality.|**Enabled.** Turns On the print functionality and lets you choose whether to additionally:<ul><li>Enable Application Guard to print into the XPS format.</li><li>Enable Application Guard to print into the PDF format.</li><li>Enable Application Guard to print to locally attached printers.</li><li>Enable Application Guard to print from previously connected network printers. Employees can't search for additional printers.</ul>**Disabled or not configured.** Completely turns Off the print functionality for Application Guard.|
|Block enterprise websites to load non-enterprise content in IE and Edge|Windows 10 Enterprise, 1709 or higher<br><br>Windows 10 Professional, 1803|Determines whether to allow Internet access for apps not included on the **Allowed Apps** list.|**Enabled.** Prevents network traffic from both Internet Explorer and Microsoft Edge to non-enterprise sites that can't render in the Application Guard container.**Note** This may also block assets cached by CDNs and references to analytics sites. Please add them to the trusted enterprise resources to avoid broken pages.<br><br>**Disabled or not configured.** Allows Microsoft Edge to render network traffic to non-enterprise sites that can't render in Application Guard. |
|Allow Persistence|Windows 10 Enterprise, 1709 or higher<br><br>Windows 10 Professional, 1803|Determines whether data persists across different sessions in Windows Defender Application Guard.|**Enabled.** Application Guard saves user-downloaded files and other items (such as, cookies, Favorites, and so on) for use in future Application Guard sessions.<br><br>**Disabled or not configured.** All user data within Application Guard is reset between sessions.<br><br>**Note**<br>If you later decide to stop supporting data persistence for your employees, you can use our Windows-provided utility to reset the container and to discard any personal data.<br>**To reset the container:**<ol><li>Open a command-line program and navigate to Windows/System32.</li><li>Type `wdagtool.exe cleanup`.<br>The container environment is reset, retaining only the employee-generated data.</li><li>Type `wdagtool.exe cleanup RESET_PERSISTENCE_LAYER`.<br>The container environment is reset, including discarding all employee-generated data.</li></ol>|
|Configure Windows Defender Application Guard clipboard settings|Windows 10 Enterprise, 1709 or higher<br><br>Windows 10 Pro, 1803|Determines whether Application Guard can use the clipboard functionality.|**Enabled.** Turns On the clipboard functionality and lets you choose whether to additionally:<ul><li>Disable the clipboard functionality completely when Virtualization Security is enabled.</li><li>Enable copying of certain content from Application Guard into Microsoft Edge.</li><li>Enable copying of certain content from Microsoft Edge into Application Guard.<br><br>**Important**<br>Allowing copied content to go from Microsoft Edge into Application Guard can cause potential security risks and isn't recommended.</li></ul>**Disabled or not configured.** Completely turns Off the clipboard functionality for Application Guard.|
|Configure Windows Defender Application Guard print settings|Windows 10 Enterprise, 1709 or higher<br><br>Windows 10 Pro, 1803|Determines whether Application Guard can use the print functionality.|**Enabled.** Turns On the print functionality and lets you choose whether to additionally:<ul><li>Enable Application Guard to print into the XPS format.</li><li>Enable Application Guard to print into the PDF format.</li><li>Enable Application Guard to print to locally attached printers.</li><li>Enable Application Guard to print from previously connected network printers. Employees can't search for additional printers.</ul>**Disabled or not configured.** Completely turns Off the print functionality for Application Guard.|
|Block enterprise websites to load non-enterprise content in IE and Edge|Windows 10 Enterprise, 1709 or higher<br><br>Windows 10 Pro, 1803|Determines whether to allow Internet access for apps not included on the **Allowed Apps** list.|**Enabled.** Prevents network traffic from both Internet Explorer and Microsoft Edge to non-enterprise sites that can't render in the Application Guard container.**Note** This may also block assets cached by CDNs and references to analytics sites. Please add them to the trusted enterprise resources to avoid broken pages.<br><br>**Disabled or not configured.** Allows Microsoft Edge to render network traffic to non-enterprise sites that can't render in Application Guard. |
|Allow Persistence|Windows 10 Enterprise, 1709 or higher<br><br>Windows 10 Pro, 1803|Determines whether data persists across different sessions in Windows Defender Application Guard.|**Enabled.** Application Guard saves user-downloaded files and other items (such as, cookies, Favorites, and so on) for use in future Application Guard sessions.<br><br>**Disabled or not configured.** All user data within Application Guard is reset between sessions.<br><br>**Note**<br>If you later decide to stop supporting data persistence for your employees, you can use our Windows-provided utility to reset the container and to discard any personal data.<br>**To reset the container:**<ol><li>Open a command-line program and navigate to Windows/System32.</li><li>Type `wdagtool.exe cleanup`.<br>The container environment is reset, retaining only the employee-generated data.</li><li>Type `wdagtool.exe cleanup RESET_PERSISTENCE_LAYER`.<br>The container environment is reset, including discarding all employee-generated data.</li></ol>|
|Turn on Windows Defender Application Guard in Enterprise Mode|Windows 10 Enterprise, 1709 or higher|Determines whether to turn on Application Guard for Microsoft Edge.|**Enabled.** Turns on Application Guard for Microsoft Edge, honoring the network isolation settings, rendering non-enterprise domains in the Application Guard container. Be aware that Application Guard won't actually be turned On unless the required prerequisites and network isolation settings are already set on the device.<br><br>**Disabled.** Turns Off Application Guard, allowing all apps to run in Microsoft Edge.|
|Allow files to download to host operating system|Windows 10 Enterprise, 1803|Determines whether to save downloaded files to the host operating system from the Windows Defender Application Guard container.|**Enabled.** Allows users to save downloaded files from the Windows Defender Application Guard container to the host operating system.<br><br>**Disabled or not configured.** Users are not able to saved downloaded files from Application Guard to the host operating system.|
|Allow hardware-accelerated rendering for Windows Defender Application Guard|Windows 10 Enterprise, version 1803<br><br>(experimental only)|Determines whether Windows Defender Application Guard renders graphics using hardware or software acceleration.|**Enabled.** Windows Defender Application Guard uses Hyper-V to access supported, high-security rendering graphics hardware (GPUs). These GPUs improve rendering performance and battery life while using Windows Defender Application Guard, particularly for video playback and other graphics-intensive use cases. If this setting is enabled without connecting any high-security rendering graphics hardware, Windows Defender Application Guard will automatically revert to software-based (CPU) rendering.<br><br><ul>**Important**<br>Be aware that enabling this setting with potentially compromised graphics devices or drivers might pose a risk to the host device.<br><br></ul>**Disabled or not configured.** Windows Defender Application Guard uses software-based (CPU) rendering and wont load any third-party graphics drivers or interact with any connected graphics hardware.<br><br>**Note**<br>This is an experimental feature in Windows 10 Enterprise, version 1803 and will not function without the presence of an additional registry key provided by Microsoft. If you would like to evaluate this feature on deployments of Windows 10 Enterprise, version 1803, please contact Microsoft for further information.|

4
windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md
View File

@ -14,7 +14,7 @@ ms.date: 11/07/2017
**Applies to:**
- Windows 10 Enterpise edition, version 1709 or higher
- Windows 10 Professional edition, version 1803
- Windows 10 Pro edition, version 1803
Answering frequently asked questions about Windows Defender Application Guard (Application Guard) features, integration with the Windows operating system, and general configuration.
@ -32,7 +32,7 @@ Answering frequently asked questions about Windows Defender Application Guard (A
| | |
|---|----------------------------|
|**Q:** |Can employees download documents from the Application Guard Edge session onto host devices?|
|**A:** |In Windows 10 Enterprise edition 1803, users will be able to download documents from the isolated Application Guard container to the host PC. This is managed by policy.<br><br>In Windows 10 Enterprise edition 1709 or Windows 10 Professional edition 1803, it is not possible to download files from the isolated Application Guard container to the host PC. However, employees can use the **Print as PDF** or **Print as XPS** options and save those files to the host device.|
|**A:** |In Windows 10 Enterprise edition 1803, users will be able to download documents from the isolated Application Guard container to the host PC. This is managed by policy.<br><br>In Windows 10 Enterprise edition 1709 or Windows 10 Pro edition 1803, it is not possible to download files from the isolated Application Guard container to the host PC. However, employees can use the **Print as PDF** or **Print as XPS** options and save those files to the host device.|
<br>
| | |

2
windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md
View File

@ -17,7 +17,7 @@ Before you can install and use Windows Defender Application Guard, you must dete
Applies to:
- Windows 10 Enterprise edition, version 1709 or higher
- Windows 10 Professional edition, version 1803
- Windows 10 Pro edition, version 1803
Employees can use hardware-isolated browsing sessions without any administrator or management policy configuration. In this mode, you must install Application Guard and then the employee must manually start Microsoft Edge in Application Guard while browsing untrusted sites. For an example of how this works, see the [Application Guard in standalone mode](test-scenarios-wd-app-guard.md) testing scenario.

2
windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md
View File

@ -14,7 +14,7 @@ ms.date: 11/09/2017
**Applies to:**
- Windows 10 Enterprise edition, version 1709 or higher
- Windows 10 Professional edition, version 1803
- Windows 10 Pro edition, version 1803
The threat landscape is continually evolving. While hackers are busy developing new techniques to breach enterprise networks by compromising workstations, phishing schemes remain one of the top ways to lure employees into social engineering attacks. Windows Defender Application Guard is designed to help prevent old, and newly emerging attacks, to help keep employees productive.

2
windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md
View File

@ -16,7 +16,7 @@ We've come up with a list of suggested testing scenarios that you can use to tes
**Applies to:**
- Windows 10 Enterpise edition, version 1709 or higher
- Windows 10 Professional edition, version 1803
- Windows 10 Pro edition, version 1803
## Application Guard in standalone mode
You can see how an employee would use standalone mode with Application Guard.

2
windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md
View File

@ -14,7 +14,7 @@ ms.date: 07/09/2018
**Applies to:**
- Windows 10 Enterprise edition, version 1709 or higher
- Windows 10 Professional edition, version 1803
- Windows 10 Pro edition, version 1803
Windows Defender Application Guard (Application Guard) is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by rendering current attack methods obsolete.

11
windows/security/threat-protection/windows-defender-exploit-guard/emet-exploit-protection-exploit-guard.md
View File

@ -11,7 +11,7 @@ ms.pagetype: security
ms.localizationpriority: medium
author: andreabichsel
ms.author: v-anbic
ms.date: 04/30/2018
ms.date: 08/30/2018
---
@ -32,7 +32,7 @@ ms.date: 04/30/2018
>[!IMPORTANT]
>If you are currently using EMET you should be aware that [EMET will reach end of life on July 31, 2018](https://blogs.technet.microsoft.com/srd/2016/11/03/beyond-emet/). You should consider replacing EMET with Exploit protection in Windows 10.
>If you are currently using EMET you should be aware that [EMET reached end of life on July 31, 2018](https://blogs.technet.microsoft.com/srd/2016/11/03/beyond-emet/). You should consider replacing EMET with Exploit protection in Windows 10.
>
>You can [convert an existing EMET configuration file into Exploit protection](import-export-exploit-protection-emet-xml.md#convert-an-emet-configuration-file-to-an-exploit-protection-configuration-file) to make the migration easier and keep your existing settings.
@ -42,9 +42,7 @@ This topic describes the differences between the Enhance Mitigation Experience T
Windows Defender Exploit Guard is our successor to EMET and provides stronger protection, more customization, an easier user interface, and better configuration and management options.
EMET is a stand-alone product that is available on earlier versions of Windows and provides some mitigation against older, known exploit techniques.
After July 31, 2018, it will reach its end of life, which means it will not be supported and no additional development will be made on it.
EMET is a stand-alone product that was available on earlier versions of Windows and provides some mitigation against older, known exploit techniques.
For more information about the individual features and mitigations available in Windows Defender Exploit Guard, as well as how to enable, configure, and deploy them to better protect your network, see the following topics:
@ -52,9 +50,6 @@ This topic describes the differences between the Enhance Mitigation Experience T
- [Protect devices from exploits with Windows Defender Exploit Guard](exploit-protection-exploit-guard.md)
- [Configure and audit Exploit protection mitigations](customize-exploit-protection.md)
## Feature comparison
The table in this section illustrates the differences between EMET and Windows Defender Exploit Guard.

4
windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md
View File

@ -11,7 +11,7 @@ ms.pagetype: security
ms.localizationpriority: medium
author: andreabichsel
ms.author: v-anbic
ms.date: 05/30/2018
ms.date: 08/30/2018
---
@ -56,7 +56,7 @@ Exploit protection works best with [Windows Defender Advanced Threat Protection]
Many of the features in the [Enhanced Mitigation Experience Toolkit (EMET)](https://technet.microsoft.com/en-us/security/jj653751) have been included in Exploit protection, and you can convert and import existing EMET configuration profiles into Exploit protection. See the [Comparison between Enhanced Mitigation Experience Toolkit and Windows Defender Exploit Guard topic](emet-exploit-protection-exploit-guard.md) for more information on how Exploit protection supersedes EMET and what the benefits are when considering moving to Exploit protection on Windows 10.
>[!IMPORTANT]
>If you are currently using EMET you should be aware that [EMET will reach end of life on July 31, 2018](https://blogs.technet.microsoft.com/srd/2016/11/03/beyond-emet/). You should consider replacing EMET with Exploit protection in Windows 10. You can [convert an existing EMET configuration file into Exploit protection](import-export-exploit-protection-emet-xml.md#convert-an-emet-configuration-file-to-an-exploit-protection-configuration-file) to make the migration easier and keep your existing settings.
>If you are currently using EMET, you should be aware that [EMET reached end of life on July 31, 2018](https://blogs.technet.microsoft.com/srd/2016/11/03/beyond-emet/). You should consider replacing EMET with Exploit protection in Windows 10. You can [convert an existing EMET configuration file into Exploit protection](import-export-exploit-protection-emet-xml.md#convert-an-emet-configuration-file-to-an-exploit-protection-configuration-file) to make the migration easier and keep your existing settings.
>[!WARNING]
>Some security mitigation technologies may have compatibility issues with some applications. You should test Exploit protection in all target use scenarios by using [audit mode](audit-windows-defender-exploit-guard.md) before deploying the configuration across a production environment or the rest of your network.

1
windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md
View File

@ -68,7 +68,6 @@ This section covers requirements for each feature in Windows Defender EG.
|--------|---------|
| ![not supported](./images/ball_empty.png) | Not supported |
| ![supported](./images/ball_50.png) | Supported |
| ![supported, enhanced](./images/ball_75.png) | Includes advanced exploit protection for the kernel mode via [HVCI](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity) |
| ![supported, full reporting](./images/ball_full.png) | Includes automated reporting into the Windows Defender ATP console|