Exploit Protection

Scenario description

Exploit Protection automatically applies a number of exploit mitigation settings system wide and on individual apps. Many of the features in the Enhanced Mitigation Experience Toolkit (EMET) have been included in Exploit Protection, and you can convert and import existing EMET configuration profiles into Exploit Protection.

Scenario requirements and setup

Windows 10 1709 build 16273

PowerShell command

Set-ProcessMitigation -PolicyFilePath ProcessMitigation.xml
Set-ProcessMitigation –help

Verify configuration

Get-ProcessMitigation

Sample xml file

EP xml config file (right click, "save target as")

Scenario

Scenario 1: Convert EMET xml to Exploit Protection settings

Convert EMET to xml, run powershell command: ConvertTo-ProcessMitigationPolicy
Apply settings, run powershell command: Set-ProcessMitigation -PolicyFilePath <XML from above step>
Confirm settings were applied, run powershell command: Get-ProcessMitigation
Review the event log for application compatibility

Scenario 2: Apply selfhost xml to Exploit Protection settings

Download our EP xml config file (right click, "save target as") or use your own
Apply settings, run powershell command: Set-ProcessMitigation -PolicyFilePath ProcessMitigation.xml
Confirm settings were applied, run powershell command: Get-ProcessMitigation
Review the event log for application compatibility