From b656b88244dc5c6829c97d5bf66e3d2874cc237e Mon Sep 17 00:00:00 2001
From: Jin Lin <linj@microsoft.com>
Date: Mon, 22 Feb 2021 17:05:55 -0800
Subject: [PATCH] Update enable-exploit-protection.md

Policy also works for system-mode
---
 .../microsoft-defender-atp/enable-exploit-protection.md         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
index 3f2f1e958a..50c80fed5b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
@@ -228,7 +228,7 @@ This table lists the individual **Mitigations** (and **Audits**, when available)
 | Mitigation type | Applies to | Mitigation cmdlet parameter keyword | Audit mode cmdlet parameter |
 | :-------------- | :--------- | :---------------------------------- | :-------------------------- |
 | Control flow guard (CFG) | System and app-level |   `CFG`,   `StrictCFG`,   `SuppressExports`  | Audit not available |
-| Hardware-enforced Stack Protection | App-level only |   `UserShadowStack`,   `UserShadowStackStrictMode`  |   `AuditUserShadowStack` |
+| Hardware-enforced Stack Protection | System and app-level |   `UserShadowStack`,   `UserShadowStackStrictMode`  |   `AuditUserShadowStack` |
 | Data Execution Prevention (DEP) | System and app-level |   `DEP`,   `EmulateAtlThunks`  | Audit not available |
 | Force randomization for images (Mandatory ASLR) | System and app-level |   `ForceRelocateImages`  | Audit not available |
 | Randomize memory allocations (Bottom-Up ASLR) | System and app-level |   `BottomUp`,   `HighEntropy`  | Audit not available