From 79a99f52d8c555ad35c2de787e01bbf19bdeb6f0 Mon Sep 17 00:00:00 2001 From: Iaan D'Souza-Wiltshire Date: Mon, 21 Aug 2017 18:57:50 -0700 Subject: [PATCH] title updates --- .../customize-exploit-protection.md | 2 +- .../enable-exploit-protection.md | 2 +- ...port-export-exploit-protection-emet-xml.md | 45 +------------------ 3 files changed, 3 insertions(+), 46 deletions(-) diff --git a/windows/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md b/windows/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md index a2aeb04fc5..b85ec679a2 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md +++ b/windows/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md @@ -13,7 +13,7 @@ author: iaanw ms.author: iawilt --- -# Customize Attack Surface Reduction +# Customize Exploit Protection **Applies to:** diff --git a/windows/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md b/windows/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md index 6281a70c77..bc9e0ef47a 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md +++ b/windows/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md @@ -15,7 +15,7 @@ ms.author: iawilt -# Enable Controlled Folder Access +# Enable Exploit Protection **Applies to:** diff --git a/windows/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md b/windows/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md index e2b01c3d21..41cad22f87 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md +++ b/windows/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md @@ -36,59 +36,16 @@ ms.author: iawilt ### Export system-level mitigations -1. Open the Windows Defender Security Center by clicking the shield icon in the task bar or searching the start menu for **Defender**. - -2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Virus & threat protection settings** label: - - ![Screenshot of the Virus & threat protection settings label in the Windows Defender Security Center](../windows-defender-antivirus/images/defender/wdav-protection-settings-wdsc.png) - -3. Under the **Controlled folder access** section, click **Protected folders** - -4. Click **Add a protected folder** and follow the prompts to add apps. - - ![](images/cfa-prot-folders.png) - -You can import the XML file to other machines in your organization. You can do this individually for each machine by using the Windows Defender Security Center, or you can deploy a Group Policy setting for multiple devices. +. ### Import system-level mitigations **Use the Windows Defender Security app to import system-level mitigations:** -1. Open the Windows Defender Security Center by clicking the shield icon in the task bar or searching the start menu for **Defender**. -2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Virus & threat protection settings** label: - - ![Screenshot of the Virus & threat protection settings label in the Windows Defender Security Center](../windows-defender-antivirus/images/defender/wdav-protection-settings-wdsc.png) - -3. Under the **Controlled folder access** section, click **Protected folders** - -4. Click **Add a protected folder** and follow the prompts to add apps. - - ![](images/cfa-prot-folders.png) **Use Group Policy to import and deploy system-level mitigations:** -1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**. - -3. In the **Group Policy Management Editor** go to **Computer configuration**. - -4. Click **Policies** then **Administrative templates**. - -5. Expand the tree to **Windows components > Windows Defender Antivirus > Exploit Guard**. - -6. Double-click the **Configure controlled folder access** setting and set the option to **Enabled**. In the options section you must specify one of the following: - - **Enable** - Malicious and suspicious apps will not be allowed to make changes to files in protected folders. A notification will be provided in the Windows event log - - **Disable (Default)** - The Controlled Folder Access feature will not work. All apps can make changes to files in protected folders. - - **Audit Mode** - If a malicious or suspicious app attempts to make a change to a file in a protected folder, the change will be allowed but will be recorded in the Windows event log. This allows you to assess the impact of this feature on your organization. - - - ![](images/cfa-gp-enable.png) - ->[!IMPORTANT] ->To fully enable the Controlled Folder Access feature, you must set the Group Policy option to **Enabled** and also select **Enable** in the options drop-down menu. - - - ## Related topics