deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-21 17:57:22 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Updated exploit protection settings

Browse Source 
Clarified where the settings can be changed and verified.
This commit is contained in:
Jonathan Gregson 2020-02-01 21:05:14 -08:00 committed by GitHub
parent eecb5b2b3a
commit bc64f15c61
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md
View File

@ -42,4 +42,4 @@ Your environment needs the following software to run Windows Defender Applicatio
|Operating system|Windows 10 Enterprise edition, version 1709 or higher<br>Windows 10 Professional edition, version 1803 or higher<br>Windows 10 Professional for Workstations edition, version 1803 or higher<br>Windows 10 Professional Education edition version 1803 or higher<br>Windows 10 Education edition, version 1903 or higher<br>Professional editions are only supported for non-managed devices; Intune or any other 3rd party mobile device management (MDM) solutions are not supported with WDAG for Professional editions. |
|Browser|Microsoft Edge and Internet Explorer|
|Management system<br> (only for managed devices)|[Microsoft Intune](https://docs.microsoft.com/intune/)<br><br>**-OR-**<br><br>[Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/)<br><br>**-OR-**<br><br>[Group Policy](https://technet.microsoft.com/library/cc753298(v=ws.11).aspx)<br><br>**-OR-**<br><br>Your current company-wide 3rd party mobile device management (MDM) solution. For info about 3rd party MDM solutions, see the documentation that came with your product.|
|Windows Defender Exploit Protection settings|Control Flow Guard (CFG) must be set to "Use default (On)" or "Off by default". If set to "On by default", Windows Defender Application Guard will not launch.<br><br>Randomize memory allocations (Bottom-up ASLR) must be set to "Use default (On)" or "Off by default". If set to "On by default", the `vmmem` process will have high CPU utilization while a Windows Defender Application Guard window is open.|
|Windows Defender Exploit Protection settings|The following settings should be configured or verified in the **Windows Security** app under **App & browser control** > **Exploit Protection** > **System Settings**.<br><br>**Control Flow Guard (CFG)** must be set to "Use default (On)" or "Off by default". If set to "On by default", Windows Defender Application Guard will not launch.<br><br>**Randomize memory allocations (Bottom-up ASLR)** must be set to "Use default (On)" or "Off by default". If set to "On by default", the `Vmmem` process will have high CPU utilization while a Windows Defender Application Guard window is open.|