deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-23 14:23:38 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
Files
a685cfa876f711ba8e5465a9959ca94f20f5a891
windows-itpro-docs/windows/threat-protection/windows-defender-exploit-guard/emet-exploit-protection-exploit-guard.md
Iaan D'Souza-Wiltshire a685cfa876 fix layout issues
2017-12-07 14:24:01 -08:00

190 lines
18 KiB
Markdown
Raw Blame History

---
title: Compare the features in Exploit protection with EMET
keywords: emet, enhanced mitigation experience toolkit, configuration, exploit
description: Exploit protection in Windows 10 provides advanced configuration over the settings offered in EMET.
search.product: eADQiWindows 10XVcnh
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: security
localizationpriority: medium
author: iaanw
ms.author: iawilt
ms.date: 08/25/2017
---
# Comparison between Enhanced Mitigation Experience Toolkit and Windows Defender Exploit Guard
**Applies to:**
- Windows 10, version 1709
- Enhanced Mitigation Experience Toolkit version 5.5 (latest version)
**Audience**
- Enterprise security administrators
>[!IMPORTANT]
>If you are currently using EMET you should be aware that [EMET will reach end of life on July 31, 2018](https://blogs.technet.microsoft.com/srd/2016/11/03/beyond-emet/). You should consider replacing EMET with Exploit protection in Windows 10.
>
>You can [convert an existing EMET configuration file into Exploit protection](import-export-exploit-protection-emet-xml.md#convert-an-emet-configuration-file-to-an-exploit-protection-configuration-file) to make the migration easier and keep your existing settings.
The Enhanced Mitigation Experience Toolkit (EMET) is a stand-alone product that is available on earlier versions of Windows and provides a number of system- and app-based mitigations against known exploit techniques.
After July 31, 2018, it will reach its end of life, which means it will not be supported and no additional development will be made on it.
In Windows 10, version 1709 (also known as the Fall Creators Update), we released Windows Defender Exploit Guard, which provides unparalleled mitigation of known and unknown threat attack vectors, including exploits.
Windows Defender Exploit Guard is our successor to EMET and provides stronger protection, more customization, an easier user interface, and better configuration and management options.
## Feature comparison
The table in this section illustrates the differences between EMET and Windows Defender Exploit Guard.
  | Windows Defender Exploit Guard | EMET
-|:-:|:-:
Windows versions | [!include[Check mark yes](images/svg/check-yes.md)] <br />All versions of Windows 10 starting with version 1709 | [!include[Check mark yes](images/svg/check-yes.md)] <br />Windows 8.1; Windows 8; Windows 7<br />Cannot be installed on Windows 10, version 1709 and later
Installation requirements | [Windows Defender Security Center in Windows 10](../windows-defender-security-center/windows-defender-security-center.md) <br />(no additional installation required)<br />Windows Defender Exploit Guard is built into Windows - it doesn't require a separate tool or package for management, configuration, or deployment. | Available only as an additional download and must be installed onto a management device
User interface | Modern interface integrated with the [Windows Defender Security Center](../windows-defender-security-center/windows-defender-security-center.md) | Older, complex interface that requires considerable ramp-up training
Supportability | [!include[Check mark yes](images/svg/check-yes.md)] <br /><!-- [Dedicated submission-based support channel](https://www.microsoft.com/en-us/wdsi/filesubmission)<sup id="ref1">[[1](#fn1)]</sup> -->Throughout the [Windows 10 support lifecycle](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet) | [!include[Check mark no](images/svg/check-no.md)]<br />Ends after July 31, 2018
Updates | [!include[Check mark yes](images/svg/check-yes.md)] <br />Ongoing updates and development of new features, released twice yearly as part of the [Windows 10 semi-annual update channel](https://blogs.technet.microsoft.com/windowsitpro/2017/07/27/waas-simplified-and-aligned/) | [!include[Check mark no](images/svg/check-no.md)]<br />No planned updates or development
Exploit protection | [!include[Check mark yes](images/svg/check-yes.md)] <br />All EMET mitigations plus new, specific mitigations ([see table](#mitigation-comparison)) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Limited set of mitigations
[Attack surface reduction](attack-surface-reduction-exploit-guard.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />[Configuration of individual rules](enable-attack-surface-reduction.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Limited ruleset configuration only for modules (no processes)
[Network protection](network-protection-exploit-guard.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Available | [!include[Check mark no](images/svg/check-no.md)]<br />Not available
[Controlled folder access](controlled-folders-exploit-guard.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Available and [configurable for apps and folders](customize-controlled-folders-exploit-guard.md) | [!include[Check mark no](images/svg/check-no.md)]<br />Not available
Configuration with Group Policy | [!include[Check mark yes](images/svg/check-yes.md)] <br />Available | [!include[Check mark yes](images/svg/check-yes.md)]<br />Available
Configuration with GUI (user interface) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Windows-based configuration | [!include[Check mark yes](images/svg/check-yes.md)]<br />Requires installation and use of EMET tool
Configuration with shell tools | [!include[Check mark yes](images/svg/check-yes.md)] <br />PowerShell| [!include[Check mark yes](images/svg/check-yes.md)]<br />Requires use of EMET tool (EMET_CONF)
System Center Configuration Manager | [!include[Check mark yes](images/svg/check-yes.md)] <br />Available | [!include[Check mark no](images/svg/check-no.md)]<br />Not available
Microsoft Intune | [!include[Check mark yes](images/svg/check-yes.md)] <br />Available | [!include[Check mark no](images/svg/check-no.md)]<br />Not available
Reporting | [!include[Check mark yes](images/svg/check-yes.md)] <br />[With Windows event logs](event-views-exploit-guard.md) and full [audit mode reporting](audit-windows-defender-exploit-guard.md) <br />[Full integration with Windows Defender Advanced Threat Protection](../windows-defender-atp/security-analytics-dashboard-windows-defender-advanced-threat-protection.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Limited Windows event log monitoring
[Audit mode](audit-windows-defender-exploit-guard.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Available | [!include[Check mark no](images/svg/check-no.md)]<br />Limited to EAF, EAF+, and anti-ROP mitigations
<!--
<span id="fn1"></span>([1](#ref1)) Support coming in December 2017. Requires an enterprise subscription with Azure Active Directory or a [Software Assurance ID](https://www.microsoft.com/en-us/licensing/licensing-programs/software-assurance-default.aspx).
-->
## Mitigation comparison
The mitigations available in EMET are included in Windows Defender Exploit Guard, under the [Exploit protection feature](exploit-protection-exploit-guard.md).
The table in this section indicates the availability and support of native mitigations between EMET and Exploit protection.
Mitigation | Available in Windows Defender Exploit Guard | Available in EMET
-|:-:|:-:
Arbitrary<EFBFBD>code<EFBFBD>guard<EFBFBD>(ACG) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]<br<EFBFBD>/>As<EFBFBD>"Memory<72>Protection<6F>Check"
Block<EFBFBD>remote<EFBFBD>images | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]<br/>As<EFBFBD>"Load<61>Library<72>Check"
Block<EFBFBD>untrusted<EFBFBD>fonts | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Data<EFBFBD>Execution<EFBFBD>Prevention<EFBFBD>(DEP) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Export<EFBFBD>address<EFBFBD>filtering<EFBFBD>(EAF) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Force<EFBFBD>randomization<EFBFBD>for<EFBFBD>images<EFBFBD>(Mandatory<72>ASLR) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
NullPage<EFBFBD>Security<EFBFBD>Mitigation | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]<br<EFBFBD>/>Included<EFBFBD>natively<EFBFBD>in<EFBFBD>Windows<EFBFBD>10 | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Randomize<EFBFBD>memory<EFBFBD>allocations<EFBFBD>(Bottom-Up<55>ASLR) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Simulate<EFBFBD>execution<EFBFBD>(SimExec) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Validate<EFBFBD>API<EFBFBD>invocation<EFBFBD>(CallerCheck) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Validate<EFBFBD>exception<EFBFBD>chains<EFBFBD>(SEHOP) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Validate<EFBFBD>stack<EFBFBD>integrity<EFBFBD>(StackPivot) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Certificate<EFBFBD>trust<EFBFBD>(configurable<6C>certificate<74>pinning) | No<4E>longer<65>supported<65>by<62>the<68>industry<72>as<61>newer<65>mitigations<6E>provide<64>better<65>protection<6F>with<74>fewer<65>errors | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Heap<EFBFBD>spray<EFBFBD>allocation | Ineffective<76>against<73>modern<72>browser<65>exploits,<2C>newer<65>mitigations<6E>provide<64>better<65>protection | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Block<EFBFBD>low<EFBFBD>integrity<EFBFBD>images | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Code<EFBFBD>integrity<EFBFBD>guard | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Disable<EFBFBD>extension<EFBFBD>points | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Disable<EFBFBD>Win32k<EFBFBD>system<EFBFBD>calls | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Do<EFBFBD>not<EFBFBD>allow<EFBFBD>child<EFBFBD>processes | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Import<EFBFBD>address<EFBFBD>filtering<EFBFBD>(IAF) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Validate<EFBFBD>handle<EFBFBD>usage | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Validate<EFBFBD>heap<EFBFBD>integrity | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Validate<EFBFBD>image<EFBFBD>dependency<EFBFBD>integrity | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
>[!NOTE]
>The Advanced ROP mitigations that are available in EMET refer to additional configuration options for other mitigations, such as "Memory protection checks" and "Load library checks". These mitigations have been included in Windows Defender Exploit Guard with enhancements that natively increase the protection beyond those options in EMET.
## Related topics
- [Protect devices from exploits with Windows Defender Exploit Guard](exploit-protection-exploit-guard.md)
- [Evaluate Exploit protection](evaluate-exploit-protection.md)
- [Enable Exploit protection](enable-exploit-protection.md)
- [Configure and audit Exploit protection mitigations](customize-exploit-protection.md)
- [Import, export, and deploy Exploit protection configurations](import-export-exploit-protection-emet-xml.md)
## Table A-Z mitigations
Mitigation | Available in Windows Defender Exploit Guard | Available in EMET
-|:-:|:-:
Arbitrary<EFBFBD>code<EFBFBD>guard<EFBFBD>(ACG) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]<br<EFBFBD>/>As<EFBFBD>"Memory<72>Protection<6F>Check"
Block<EFBFBD>low<EFBFBD>integrity<EFBFBD>images | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Block<EFBFBD>remote<EFBFBD>images | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]<br/>As<EFBFBD>"Load<61>Library<72>Check"
Block<EFBFBD>untrusted<EFBFBD>fonts | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Certificate<EFBFBD>trust<EFBFBD>(configurable<6C>certificate<74>pinning) | No<4E>longer<65>supported<65>by<62>the<68>industry<72>as<61>newer<65>mitigations<6E>provide<64>better<65>protection<6F>with<74>fewer<65>errors | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Code<EFBFBD>integrity<EFBFBD>guard | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Data<EFBFBD>Execution<EFBFBD>Prevention<EFBFBD>(DEP) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Disable<EFBFBD>extension<EFBFBD>points | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Disable<EFBFBD>Win32k<EFBFBD>system<EFBFBD>calls | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Do<EFBFBD>not<EFBFBD>allow<EFBFBD>child<EFBFBD>processes | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Export<EFBFBD>address<EFBFBD>filtering<EFBFBD>(EAF) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Force<EFBFBD>randomization<EFBFBD>for<EFBFBD>images<EFBFBD>(Mandatory<72>ASLR) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Heap<EFBFBD>spray<EFBFBD>allocation | Ineffective<76>against<73>modern<72>browser<65>exploits,<2C>newer<65>mitigations<6E>provide<64>better<65>protection | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Import<EFBFBD>address<EFBFBD>filtering<EFBFBD>(IAF) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
NullPage<EFBFBD>Security<EFBFBD>Mitigation | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]<br<EFBFBD>/>Included<EFBFBD>natively<EFBFBD>in<EFBFBD>Windows<EFBFBD>10 | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Randomize<EFBFBD>memory<EFBFBD>allocations<EFBFBD>(Bottom-Up<55>ASLR) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Simulate<EFBFBD>execution<EFBFBD>(SimExec) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Validate<EFBFBD>API<EFBFBD>invocation<EFBFBD>(CallerCheck) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Validate<EFBFBD>exception<EFBFBD>chains<EFBFBD>(SEHOP) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Validate<EFBFBD>handle<EFBFBD>usage | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Validate<EFBFBD>heap<EFBFBD>integrity | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Validate<EFBFBD>image<EFBFBD>dependency<EFBFBD>integrity | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Validate<EFBFBD>stack<EFBFBD>integrity<EFBFBD>(StackPivot) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
# Table WDEG yes > EMET no > Emet > yes
Mitigation | Available in Windows Defender Exploit Guard | Available in EMET
-|:-:|:-:
Block<EFBFBD>low<EFBFBD>integrity<EFBFBD>images | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Code<EFBFBD>integrity<EFBFBD>guard | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Disable<EFBFBD>extension<EFBFBD>points | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Disable<EFBFBD>Win32k<EFBFBD>system<EFBFBD>calls | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Do<EFBFBD>not<EFBFBD>allow<EFBFBD>child<EFBFBD>processes | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Import<EFBFBD>address<EFBFBD>filtering<EFBFBD>(IAF) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Validate<EFBFBD>handle<EFBFBD>usage | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Validate<EFBFBD>heap<EFBFBD>integrity | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Validate<EFBFBD>image<EFBFBD>dependency<EFBFBD>integrity | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>no](images/svg/check-no.md)]
Heap<EFBFBD>spray<EFBFBD>allocation | Ineffective<76>against<73>modern<72>browser<65>exploits,<2C>newer<65>mitigations<6E>provide<64>better<65>protection | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Certificate<EFBFBD>trust<EFBFBD>(configurable<6C>certificate<74>pinning) | No<4E>longer<65>supported<65>by<62>the<68>industry<72>as<61>newer<65>mitigations<6E>provide<64>better<65>protection<6F>with<74>fewer<65>errors | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
NullPage<EFBFBD>Security<EFBFBD>Mitigation | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]<br<EFBFBD>/>Included<EFBFBD>natively<EFBFBD>in<EFBFBD>Windows<EFBFBD>10 | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Block<EFBFBD>untrusted<EFBFBD>fonts | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Data<EFBFBD>Execution<EFBFBD>Prevention<EFBFBD>(DEP) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Export<EFBFBD>address<EFBFBD>filtering<EFBFBD>(EAF) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Force<EFBFBD>randomization<EFBFBD>for<EFBFBD>images<EFBFBD>(Mandatory<72>ASLR) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Randomize<EFBFBD>memory<EFBFBD>allocations<EFBFBD>(Bottom-Up<55>ASLR) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Simulate<EFBFBD>execution<EFBFBD>(SimExec) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Validate<EFBFBD>API<EFBFBD>invocation<EFBFBD>(CallerCheck) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Validate<EFBFBD>exception<EFBFBD>chains<EFBFBD>(SEHOP) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Validate<EFBFBD>stack<EFBFBD>integrity<EFBFBD>(StackPivot) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]
Arbitrary<EFBFBD>code<EFBFBD>guard<EFBFBD>(ACG) | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]<br<EFBFBD>/>As<EFBFBD>"Memory<72>Protection<6F>Check"
Block<EFBFBD>remote<EFBFBD>images | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)] | [!include[Check<63>mark<72>yes](images/svg/check-yes.md)]<br/>As<EFBFBD>"Load<61>Library<72>Check"
Reference in New Issue View Git Blame Copy Permalink