deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 05:47:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #8466 from Reeced40/patch-19

Browse Source 
Update exploit-protection.md
This commit is contained in:
Denise Vangel-MSFT 2020-10-21 11:42:11 -07:00 committed by GitHub
commit 8b5746c972
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md
View File

@ -11,7 +11,7 @@ ms.localizationpriority: medium
audience: ITPro audience: ITPro
author: denisebmsft author: denisebmsft
ms.author: deniseb ms.author: deniseb
ms.date: 04/02/2019 ms.date: 10/21/2020
ms.reviewer: ms.reviewer:
manager: dansimp manager: dansimp
ms.custom: asr ms.custom: asr
@ -65,7 +65,7 @@ DeviceEvents
You can review the Windows event log to see events that are created when exploit protection blocks (or audits) an app: You can review the Windows event log to see events that are created when exploit protection blocks (or audits) an app:
|Provider/source | Event ID | Description| |Provider/source | Event ID | Description|
|---|---|---| |:---|:---|:---|
|Security-Mitigations | 1 | ACG audit | |Security-Mitigations | 1 | ACG audit |
|Security-Mitigations | 2 | ACG enforce | |Security-Mitigations | 2 | ACG enforce |
|Security-Mitigations | 3 | Do not allow child processes audit | |Security-Mitigations | 3 | Do not allow child processes audit |
@ -100,7 +100,7 @@ The mitigations available in EMET are included natively in Windows 10 (starting
The table in this section indicates the availability and support of native mitigations between EMET and exploit protection. The table in this section indicates the availability and support of native mitigations between EMET and exploit protection.
|Mitigation | Available under exploit protection | Available in EMET | |Mitigation | Available under exploit protection | Available in EMET |
|---|---|---| |:---|:---|:---|
|Arbitrary code guard (ACG) | yes | yes<br />As "Memory Protection Check" | |Arbitrary code guard (ACG) | yes | yes<br />As "Memory Protection Check" |
|Block remote images | yes | yes<br/>As "Load Library Check" | |Block remote images | yes | yes<br/>As "Load Library Check" |
|Block untrusted fonts | yes | yes | |Block untrusted fonts | yes | yes |
@ -131,8 +131,6 @@ The table in this section indicates the availability and support of native mitig
## See also ## See also
- [Protect devices from exploits](exploit-protection.md) - [Protect devices from exploits](exploit-protection.md)
- [Evaluate exploit protection](evaluate-exploit-protection.md)
- [Enable exploit protection](enable-exploit-protection.md)
- [Configure and audit exploit protection mitigations](customize-exploit-protection.md) - [Configure and audit exploit protection mitigations](customize-exploit-protection.md)
- [Import, export, and deploy exploit protection configurations](import-export-exploit-protection-emet-xml.md)
- [Troubleshoot exploit protection](troubleshoot-exploit-protection-mitigations.md) - [Troubleshoot exploit protection](troubleshoot-exploit-protection-mitigations.md)
- [Optimize ASR rule deployment and detections](threat-protection/microsoft-defender-atp/configure-machines-asr.md)