---
title: ExploitGuard Policy CSP
description: Learn more about the ExploitGuard Area in Policy CSP
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa
ms.date: 12/30/2022
ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
ms.topic: reference
---

<!-- Auto-Generated CSP Document -->

<!-- ExploitGuard-Begin -->
# Policy CSP - ExploitGuard

<!-- ExploitGuard-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- ExploitGuard-Editable-End -->

<!-- ExploitProtectionSettings-Begin -->
## ExploitProtectionSettings

<!-- ExploitProtectionSettings-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1709 [10.0.16299] and later |
<!-- ExploitProtectionSettings-Applicability-End -->

<!-- ExploitProtectionSettings-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/ExploitGuard/ExploitProtectionSettings
```
<!-- ExploitProtectionSettings-OmaUri-End -->

<!-- ExploitProtectionSettings-Description-Begin -->
<!-- Description-Source-ADMX -->
Specify a common set of Microsoft Defender Exploit Guard system and application mitigation settings that can be applied to all endpoints that have this GP setting configured.

There are some prerequisites before you can enable this setting:
- Manually configure a device's system and application mitigation settings using the Set-ProcessMitigation PowerShell cmdlet, the ConvertTo-ProcessMitigationPolicy PowerShell cmdlet, or directly in Windows Security.
- Generate an XML file with the settings from the device by running the Get-ProcessMitigation PowerShell cmdlet or using the Export button at the bottom of the Exploit Protection area in Windows Security.
- Place the generated XML file in a shared or local path.

Note: Endpoints that have this GP setting set to Enabled must be able to access the XML file, otherwise the settings will not be applied.

Enabled
Specify the location of the XML file in the Options section. You can use a local (or mapped) path, a UNC path, or a URL, such as the following:
- C:\MitigationSettings\Config.XML
- \\Server\Share\Config.xml
- https://localhost:8080/Config.xml

The settings in the XML file will be applied to the endpoint.

Disabled
Common settings will not be applied, and the locally configured settings will be used instead.

Not configured
Same as Disabled.
<!-- ExploitProtectionSettings-Description-End -->

<!-- ExploitProtectionSettings-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- ExploitProtectionSettings-Editable-End -->

<!-- ExploitProtectionSettings-DFProperties-Begin -->
**Description framework properties**:

| Property name | Property value |
|:--|:--|
| Format | chr (string) |
| Access Type | Add, Delete, Get, Replace |
<!-- ExploitProtectionSettings-DFProperties-End -->

<!-- ExploitProtectionSettings-GpMapping-Begin -->
**Group policy mapping**:

| Name | Value |
|:--|:--|
| Name | ExploitProtection_Name |
| Friendly Name | Use a common set of exploit protection settings |
| Element Name | Type the location (local path, UNC path, or URL) of the mitigation settings configuration XML file |
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Exploit Guard > Exploit Protection |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender ExploitGuard\Exploit Protection |
| ADMX File Name | ExploitGuard.admx |
<!-- ExploitProtectionSettings-GpMapping-End -->

<!-- ExploitProtectionSettings-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- ExploitProtectionSettings-Examples-End -->

<!-- ExploitProtectionSettings-End -->

<!-- ExploitGuard-CspMoreInfo-Begin -->
<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
<!-- ExploitGuard-CspMoreInfo-End -->

<!-- ExploitGuard-End -->

## Related articles

[Policy configuration service provider](policy-configuration-service-provider.md)