windows-itpro-docs/windows/threat-protection/windows-defender-exploit-guard/configure-system-exploit-protection.md
Iaan D'Souza-Wiltshire 48ff508ae9 ep changes
2017-08-16 11:26:51 -07:00

2.8 KiB

title: Configure how ASR works so you can finetune the protection in your network
description: You can individually set rules in audit, block, or disabled modes, and add files and folders that should be excluded from ASR
keywords: Attack Surface Reduction, hips, host intrusion prevention system, protection rules, anti-exploit, antiexploit, exploit, infection prevention, customize, configure, exclude
search.product: eADQiWindows 10XVcnh
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: security
localizationpriority: medium
author: iaanw
ms.author: iawilt

Customize Attack Surface Reduction

Applies to:

  • Windows 10 Insider Preview

Audience

  • Enterprise security administrators

Manageability available with

  • Windows Defender Security Center app
  • Group Policy
  • PowerShell
  • Configuration service providers for mobile device management

System-level mitigations

What is the scope for these? Any app? Only Windows/system services? Signed apps? Known bad apps?

System-level mitigations are applied to...

You can set each of the following system-level mitigations to on, off, or the default value:

Mitigation | Default value
Control flow guard | On
Data execution prevention | On
Force randomization for images (Mandatory ASLR) | Off
Randomize memory allocations (Bottom-up ASLR) | On
Validate exception chains (SEHOP) | On
Validate heap integrity | Off

Generally, the default values should be used to...

Control flow guard

Data execution prevention

Force randomization for images (Mandatory ASLR)

Randomize memory allocations (Bottom-up ASLR)

Validate exception chains (SEHOP)

Validate heap integrity

Configure system-level mitigations

  1. Open the Windows Defender Security Center by clicking the shield icon in the taskbar or searching the Start menu for Defender.

  2. Click the Virus & threat protection tile (or the shield icon on the left menu bar) and then the Virus & threat protection settings label:

    Screenshot of the Virus & threat protection settings label in the Windows Defender Security Center

  3. Under the Controlled folder access section, click Protected folders.

  4. Click Add a protected folder and follow the prompts to add apps.

You can now export these settings as an XML file. This allows you to copy the configuration from one machine onto other machines.
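Before copying an exported file to other machines, it is worth checking which system-level mitigations it sets and whether any are weaker than the defaults in the table above. The following is an added example, not part of the original page or of Microsoft's tooling; the element and attribute names (`SystemConfig`, `DEP`, `ASLR`, `ControlFlowGuard`, `SEHOP`, `Heap`) are an assumed layout for the exported XML, and the sample file is constructed.

```python
import xml.etree.ElementTree as ET

# Defaults copied from the table on this page. The (element, attribute)
# pairs are an ASSUMED layout for the exported XML, not taken from the page.
PAGE_DEFAULTS = {
    "Control flow guard": ("ControlFlowGuard", "Enable", "On"),
    "Data execution prevention": ("DEP", "Enable", "On"),
    "Force randomization for images (Mandatory ASLR)": ("ASLR", "ForceRelocateImages", "Off"),
    "Randomize memory allocations (Bottom-up ASLR)": ("ASLR", "BottomUp", "On"),
    "Validate exception chains (SEHOP)": ("SEHOP", "Enable", "On"),
    "Validate heap integrity": ("Heap", "TerminateOnError", "Off"),
}

# Constructed sample export (not from a real machine).
SAMPLE_EXPORT = """<MitigationPolicy>
  <SystemConfig>
    <DEP Enable="true" />
    <ASLR ForceRelocateImages="true" BottomUp="false" />
    <SEHOP Enable="maybe" />
    <Heap TerminateOnError="false" />
  </SystemConfig>
</MitigationPolicy>"""

def review_system_config(xml_text):
    """Return {mitigation: (state, finding)} for the system-level section."""
    root = ET.fromstring(xml_text)
    system = root.find("SystemConfig")
    report = {}
    for name, (element, attribute, default) in PAGE_DEFAULTS.items():
        node = system.find(element) if system is not None else None
        raw = node.get(attribute) if node is not None else None
        if raw is None:  # element or attribute absent: nothing is overridden
            report[name] = ("Default", "not set, page default %s applies" % default)
            continue
        value = raw.strip().lower()
        if value not in ("true", "false"):  # do not guess at malformed values
            report[name] = ("Invalid", "unrecognised value %r" % raw)
            continue
        state = "On" if value == "true" else "Off"
        if state == default:
            finding = "matches page default"
        else:
            finding = ("WEAKER" if state == "Off" else "stricter") + " than page default"
        report[name] = (state, finding)
    return report

if __name__ == "__main__":
    for name, (state, finding) in review_system_config(SAMPLE_EXPORT).items():
        print("%-50s %-8s %s" % (name, state, finding))
```

Run it only on files you exported yourself, since the standard-library XML parser is not hardened against maliciously constructed input.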