mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-23 14:23:38 +00:00
space characters
This commit is contained in:
Iaan D'Souza-Wiltshire
@ -86,29 +86,29 @@ The table in this section indicates the availability and support of native mitig
|
|||||||
|
|
||||||
Mitigation | Available in Windows Defender Exploit Guard | Available in EMET
|
Mitigation | Available in Windows Defender Exploit Guard | Available in EMET
|
||||||
-|:-:|:-:
|
-|:-:|:-:
|
||||||
Arbitrary<EFBFBD>code<EFBFBD>guard<EFBFBD>(ACG) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]<br<EFBFBD>/>As<EFBFBD>"Memory<EFBFBD>Protection<EFBFBD>Check"
|
Arbitrary code guard (ACG) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]<br />As "Memory Protection Check"
|
||||||
Block<EFBFBD>remote<EFBFBD>images | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]<br/>As<EFBFBD>"Load<EFBFBD>Library<EFBFBD>Check"
|
Block remote images | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]<br/>As "Load Library Check"
|
||||||
Block<EFBFBD>untrusted<EFBFBD>fonts | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Block untrusted fonts | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Data<EFBFBD>Execution<EFBFBD>Prevention<EFBFBD>(DEP) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Data Execution Prevention (DEP) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Export<EFBFBD>address<EFBFBD>filtering<EFBFBD>(EAF) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Export address filtering (EAF) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Force<EFBFBD>randomization<EFBFBD>for<EFBFBD>images<EFBFBD>(Mandatory<EFBFBD>ASLR) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Force randomization for images (Mandatory ASLR) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
NullPage<EFBFBD>Security<EFBFBD>Mitigation | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]<br<EFBFBD>/>Included<EFBFBD>natively<EFBFBD>in<EFBFBD>Windows<EFBFBD>10 | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
NullPage Security Mitigation | [!include[Check mark yes](images/svg/check-yes.md)]<br />Included natively in Windows 10 | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Randomize<EFBFBD>memory<EFBFBD>allocations<EFBFBD>(Bottom-Up<EFBFBD>ASLR) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Randomize memory allocations (Bottom-Up ASLR) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Simulate<EFBFBD>execution<EFBFBD>(SimExec) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Simulate execution (SimExec) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Validate<EFBFBD>API<EFBFBD>invocation<EFBFBD>(CallerCheck) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Validate API invocation (CallerCheck) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Validate<EFBFBD>exception<EFBFBD>chains<EFBFBD>(SEHOP) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Validate exception chains (SEHOP) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Validate<EFBFBD>stack<EFBFBD>integrity<EFBFBD>(StackPivot) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Validate stack integrity (StackPivot) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Certificate<EFBFBD>trust<EFBFBD>(configurable<EFBFBD>certificate<EFBFBD>pinning) | No<EFBFBD>longer<EFBFBD>supported<EFBFBD>by<EFBFBD>the<EFBFBD>industry<EFBFBD>as<EFBFBD>newer<EFBFBD>mitigations<EFBFBD>provide<EFBFBD>better<EFBFBD>protection<EFBFBD>with<EFBFBD>fewer<EFBFBD>errors | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Certificate trust (configurable certificate pinning) | No longer supported by the industry as newer mitigations provide better protection with fewer errors | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Heap<EFBFBD>spray<EFBFBD>allocation | Ineffective<EFBFBD>against<EFBFBD>modern<EFBFBD>browser<EFBFBD>exploits,<EFBFBD>newer<EFBFBD>mitigations<EFBFBD>provide<EFBFBD>better<EFBFBD>protection | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Heap spray allocation | Ineffective against modern browser exploits, newer mitigations provide better protection | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Block<EFBFBD>low<EFBFBD>integrity<EFBFBD>images | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Block low integrity images | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Code<EFBFBD>integrity<EFBFBD>guard | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Code integrity guard | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Disable<EFBFBD>extension<EFBFBD>points | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Disable extension points | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Disable<EFBFBD>Win32k<EFBFBD>system<EFBFBD>calls | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Disable Win32k system calls | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Do<EFBFBD>not<EFBFBD>allow<EFBFBD>child<EFBFBD>processes | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Do not allow child processes | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Import<EFBFBD>address<EFBFBD>filtering<EFBFBD>(IAF) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Import address filtering (IAF) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Validate<EFBFBD>handle<EFBFBD>usage | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Validate handle usage | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Validate<EFBFBD>heap<EFBFBD>integrity | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Validate heap integrity | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Validate<EFBFBD>image<EFBFBD>dependency<EFBFBD>integrity | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Validate image dependency integrity | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -135,55 +135,55 @@ Validate
|
|||||||
|
|
||||||
Mitigation | Available in Windows Defender Exploit Guard | Available in EMET
|
Mitigation | Available in Windows Defender Exploit Guard | Available in EMET
|
||||||
-|:-:|:-:
|
-|:-:|:-:
|
||||||
Arbitrary<EFBFBD>code<EFBFBD>guard<EFBFBD>(ACG) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]<br<EFBFBD>/>As<EFBFBD>"Memory<EFBFBD>Protection<EFBFBD>Check"
|
Arbitrary code guard (ACG) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]<br />As "Memory Protection Check"
|
||||||
Block<EFBFBD>low<EFBFBD>integrity<EFBFBD>images | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Block low integrity images | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Block<EFBFBD>remote<EFBFBD>images | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]<br/>As<EFBFBD>"Load<EFBFBD>Library<EFBFBD>Check"
|
Block remote images | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]<br/>As "Load Library Check"
|
||||||
Block<EFBFBD>untrusted<EFBFBD>fonts | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Block untrusted fonts | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Certificate<EFBFBD>trust<EFBFBD>(configurable<EFBFBD>certificate<EFBFBD>pinning) | No<EFBFBD>longer<EFBFBD>supported<EFBFBD>by<EFBFBD>the<EFBFBD>industry<EFBFBD>as<EFBFBD>newer<EFBFBD>mitigations<EFBFBD>provide<EFBFBD>better<EFBFBD>protection<EFBFBD>with<EFBFBD>fewer<EFBFBD>errors | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Certificate trust (configurable certificate pinning) | No longer supported by the industry as newer mitigations provide better protection with fewer errors | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Code<EFBFBD>integrity<EFBFBD>guard | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Code integrity guard | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Data<EFBFBD>Execution<EFBFBD>Prevention<EFBFBD>(DEP) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Data Execution Prevention (DEP) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Disable<EFBFBD>extension<EFBFBD>points | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Disable extension points | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Disable<EFBFBD>Win32k<EFBFBD>system<EFBFBD>calls | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Disable Win32k system calls | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Do<EFBFBD>not<EFBFBD>allow<EFBFBD>child<EFBFBD>processes | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Do not allow child processes | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Export<EFBFBD>address<EFBFBD>filtering<EFBFBD>(EAF) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Export address filtering (EAF) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Force<EFBFBD>randomization<EFBFBD>for<EFBFBD>images<EFBFBD>(Mandatory<EFBFBD>ASLR) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Force randomization for images (Mandatory ASLR) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Heap<EFBFBD>spray<EFBFBD>allocation | Ineffective<EFBFBD>against<EFBFBD>modern<EFBFBD>browser<EFBFBD>exploits,<EFBFBD>newer<EFBFBD>mitigations<EFBFBD>provide<EFBFBD>better<EFBFBD>protection | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Heap spray allocation | Ineffective against modern browser exploits, newer mitigations provide better protection | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Import<EFBFBD>address<EFBFBD>filtering<EFBFBD>(IAF) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Import address filtering (IAF) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
NullPage<EFBFBD>Security<EFBFBD>Mitigation | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]<br<EFBFBD>/>Included<EFBFBD>natively<EFBFBD>in<EFBFBD>Windows<EFBFBD>10 | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
NullPage Security Mitigation | [!include[Check mark yes](images/svg/check-yes.md)]<br />Included natively in Windows 10 | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Randomize<EFBFBD>memory<EFBFBD>allocations<EFBFBD>(Bottom-Up<EFBFBD>ASLR) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Randomize memory allocations (Bottom-Up ASLR) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Simulate<EFBFBD>execution<EFBFBD>(SimExec) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Simulate execution (SimExec) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Validate<EFBFBD>API<EFBFBD>invocation<EFBFBD>(CallerCheck) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Validate API invocation (CallerCheck) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Validate<EFBFBD>exception<EFBFBD>chains<EFBFBD>(SEHOP) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Validate exception chains (SEHOP) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Validate<EFBFBD>handle<EFBFBD>usage | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Validate handle usage | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Validate<EFBFBD>heap<EFBFBD>integrity | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Validate heap integrity | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Validate<EFBFBD>image<EFBFBD>dependency<EFBFBD>integrity | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Validate image dependency integrity | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Validate<EFBFBD>stack<EFBFBD>integrity<EFBFBD>(StackPivot) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Validate stack integrity (StackPivot) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
|
|
||||||
|
|
||||||
# Table WDEG yes > EMET no > Emet > yes
|
# Table WDEG yes > EMET no > Emet > yes
|
||||||
|
|
||||||
Mitigation | Available in Windows Defender Exploit Guard | Available in EMET
|
Mitigation | Available in Windows Defender Exploit Guard | Available in EMET
|
||||||
-|:-:|:-:
|
-|:-:|:-:
|
||||||
Block<EFBFBD>low<EFBFBD>integrity<EFBFBD>images | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Block low integrity images | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Code<EFBFBD>integrity<EFBFBD>guard | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Code integrity guard | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Disable<EFBFBD>extension<EFBFBD>points | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Disable extension points | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Disable<EFBFBD>Win32k<EFBFBD>system<EFBFBD>calls | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Disable Win32k system calls | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Do<EFBFBD>not<EFBFBD>allow<EFBFBD>child<EFBFBD>processes | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Do not allow child processes | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Import<EFBFBD>address<EFBFBD>filtering<EFBFBD>(IAF) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Import address filtering (IAF) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Validate<EFBFBD>handle<EFBFBD>usage | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Validate handle usage | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Validate<EFBFBD>heap<EFBFBD>integrity | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Validate heap integrity | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Validate<EFBFBD>image<EFBFBD>dependency<EFBFBD>integrity | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>no](images/svg/check-no.md)]
|
Validate image dependency integrity | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
|
||||||
Heap<EFBFBD>spray<EFBFBD>allocation | Ineffective<EFBFBD>against<EFBFBD>modern<EFBFBD>browser<EFBFBD>exploits,<EFBFBD>newer<EFBFBD>mitigations<EFBFBD>provide<EFBFBD>better<EFBFBD>protection | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Heap spray allocation | Ineffective against modern browser exploits, newer mitigations provide better protection | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Certificate<EFBFBD>trust<EFBFBD>(configurable<EFBFBD>certificate<EFBFBD>pinning) | No<EFBFBD>longer<EFBFBD>supported<EFBFBD>by<EFBFBD>the<EFBFBD>industry<EFBFBD>as<EFBFBD>newer<EFBFBD>mitigations<EFBFBD>provide<EFBFBD>better<EFBFBD>protection<EFBFBD>with<EFBFBD>fewer<EFBFBD>errors | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Certificate trust (configurable certificate pinning) | No longer supported by the industry as newer mitigations provide better protection with fewer errors | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
NullPage<EFBFBD>Security<EFBFBD>Mitigation | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]<br<EFBFBD>/>Included<EFBFBD>natively<EFBFBD>in<EFBFBD>Windows<EFBFBD>10 | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
NullPage Security Mitigation | [!include[Check mark yes](images/svg/check-yes.md)]<br />Included natively in Windows 10 | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Block<EFBFBD>untrusted<EFBFBD>fonts | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Block untrusted fonts | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Data<EFBFBD>Execution<EFBFBD>Prevention<EFBFBD>(DEP) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Data Execution Prevention (DEP) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Export<EFBFBD>address<EFBFBD>filtering<EFBFBD>(EAF) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Export address filtering (EAF) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Force<EFBFBD>randomization<EFBFBD>for<EFBFBD>images<EFBFBD>(Mandatory<EFBFBD>ASLR) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Force randomization for images (Mandatory ASLR) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Randomize<EFBFBD>memory<EFBFBD>allocations<EFBFBD>(Bottom-Up<EFBFBD>ASLR) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Randomize memory allocations (Bottom-Up ASLR) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Simulate<EFBFBD>execution<EFBFBD>(SimExec) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Simulate execution (SimExec) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Validate<EFBFBD>API<EFBFBD>invocation<EFBFBD>(CallerCheck) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Validate API invocation (CallerCheck) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Validate<EFBFBD>exception<EFBFBD>chains<EFBFBD>(SEHOP) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Validate exception chains (SEHOP) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Validate<EFBFBD>stack<EFBFBD>integrity<EFBFBD>(StackPivot) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]
|
Validate stack integrity (StackPivot) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
|
||||||
Arbitrary<EFBFBD>code<EFBFBD>guard<EFBFBD>(ACG) | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]<br<EFBFBD>/>As<EFBFBD>"Memory<EFBFBD>Protection<EFBFBD>Check"
|
Arbitrary code guard (ACG) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]<br />As "Memory Protection Check"
|
||||||
Block<EFBFBD>remote<EFBFBD>images | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)] | [!include[Check<EFBFBD>mark<EFBFBD>yes](images/svg/check-yes.md)]<br/>As<EFBFBD>"Load<EFBFBD>Library<EFBFBD>Check"
|
Block remote images | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]<br/>As "Load Library Check"
|
||||||
|
|||||||
Reference in New Issue
Block a user