This commit is contained in:
Justin Hall
2019-03-26 16:37:09 -07:00
parent 5aaeac3787
commit e58007cd1c
4 changed files with 190 additions and 32 deletions

View File

@ -106,7 +106,7 @@ Validate stack integrity (StackPivot) | Ensures that the stack has not been redi
2. Click the **App & browser control** tile (or the app icon on the left menu bar) and then click **Exploit protection**.
3. Under the **System settings** section, find the mitigation you want to configure and select one of the following. Apps that aren't configured individually in the **Program settings** section will use the settings configured here:
3. Under the **System settings** section, find the mitigation you want to configure and select one of the following. Apps that aren't configured individually in the **Program settings** section will use the settings configured here:
- **On by default** - The mitigation is *enabled* for apps that don't have this mitigation set in the app-specific **Program settings** section
- **Off by default** - The mitigation is *disabled* for apps that don't have this mitigation set in the app-specific **Program settings** section
- **Use default** - The mitigation is either enabled or disabled, depending on the default configuration that is set up by Windows 10 installation; the default value (**On** or **Off**) is always specified next to the **Use default** label for each mitigation
@ -114,32 +114,23 @@ Validate stack integrity (StackPivot) | Ensures that the stack has not been redi
>[!NOTE]
>You may see a User Account Control window when changing some settings. Enter administrator credentials to apply the setting.
Changing some settings may required a restart, which will be indicated in red text underneath the setting.
Changing some settings may require a restart.
4. Repeat this for all the system-level mitigations you want to configure.
You can now [export these settings as an XML file](import-export-exploit-protection-emet-xml.md) or continue on to configure app-specific mitigations.
3. Go to the **Program settings** section and choose the app you want to apply mitigations to:
Exporting the configuration as an XML file allows you to copy the configuration from one machine onto other machines.
### Configure app-specific mitigations with the Windows Security app
1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
2. Click the **App & browser control** tile (or the app icon on the left menu bar) and then click **Exploit protection settings** at the bottom of the screen.
3. Go to the **Program settings** section and choose the app you want to apply mitigations to:
1. If the app you want to configure is already listed, click it and then click **Edit**
2. If the app is not listed, at the top of the list click **Add program to customize** and then choose how you want to add the app:
1. If the app you want to configure is already listed, click it and then click **Edit**
2. If the app is not listed, at the top of the list click **Add program to customize** and then choose how you want to add the app:
- Use **Add by program name** to have the mitigation applied to any running process with that name. You must specify a file with an extension. You can enter a full path to limit the mitigation to only the app with that name in that location.
- Use **Choose exact file path** to use a standard Windows Explorer file picker window to find and select the file you want.
4. After selecting the app, you'll see a list of all the mitigations that can be applied. To enable the mitigation, click the check box and then change the slider to **On**. Select any additional options. Choosing **Audit** will apply the mitigation in audit mode only. You will be notified if you need to restart the process or app, or if you need to restart Windows.
5. Repeat this for all the apps and mitigations you want to configure. Click **Apply** when you're done setting up your configuration.
You can now [export these settings as an XML file](import-export-exploit-protection-emet-xml.md) or return to configure system-level mitigations.
You can now [export these settings as an XML file](import-export-exploit-protection-emet-xml.md) or continue on to configure app-specific mitigations.
Exporting the configuration as an XML file allows you to copy the configuration from one machine onto other machines.