Windows 10: What programs do you protect with Windows Defender Exploit protection?

Discus and support What programs do you protect with Windows Defender Exploit protection? in AntiVirus, Firewalls and System Security to solve the problem; Interested to hear what others have decided on... 107443 Discussion in 'AntiVirus, Firewalls and System Security' started by Kol12, Apr 4, 2018.

  1. Kol12 Win User

    What programs do you protect with Windows Defender Exploit protection?


    Interested to hear what others have decided on...

    :)
     
    Kol12, Apr 4, 2018
    #1

  2. I want to infect my PC

    Hi Rob

    You most likely are aware but for the benefit of all readers let me provide more rather than less information.

    Windows Defender Exploit Guard
    (introduced in Windows 10 Fall Creators Update) includes four components of new intrusion prevention capabilities designed to lock down a system against various attack vectors and block behaviors commonly used in malware attacks before any
    damage can be done.

    • Exploit protection consists of exploit mitigations which
      can be configured to protect the system and applications whenever suspicious or malicious exploit-like behavior is detected.
    • Controlled folder access protects common system folders
      and personal data from ransomware by blocking untrusted processes from accessing and tampering (encrypting) sensitive files contained in these protected folders.
    • Attack Surface Reduction (ASR) is comprised of
      a set of rules which helps prevent exploit-seeking malware by blocking Office, script and email-based threats.
    • Network protection protects against web-based threats
      by blocking any outbound process attempting to connect with untrusted hosts/IP/domains with low-reputation utilizing

      Windows Defender SmartScreen
      .

    Windows Defender EG is intended to replace Microsoft’s EMET which was confusing to novice users and allowed hackers to bypass because the mitigations were not durable and often caused operating system and application stability issues as explained

    here
    . Microsoft advises that Windows Defender EG features all work best with

    Windows Defender Advanced Threat Protection
    which provides detailed reporting into Windows Defender EG events and blocks.

    As noted in the link I provided above, some security researchers have advised not to to use multiple anti-exploit applications because using more than one of them at the same time can hamper the effectiveness of

    Return-oriented programming (ROP)
    , and other exploit checks.

    Fabian Wosar
    of Emsisoft has said multiple anti-exploit programs can result in the system becoming even more vulnerable than if only one anti-exploit application is running. In some cases multiple tools can cause interference
    with each other and program crashes.

    As such, users need to know and understand the protection features of any third-party anti-exploit/anti-ransomware program they are considering to use alongside Windows Defender EG..
     
    quietman7 - MVP, Apr 4, 2018
    #2
  3. GreginMich, Apr 4, 2018
    #3
  4. Slippery Win User

    What programs do you protect with Windows Defender Exploit protection?

    If you download Microsofts' Sysinternals Suite, you can use the "Process Explorer.exe tool" to see what processes have the protections provided by Windows Defender.
    You can get that set of tools here: Sysinternals Suite 2018.2.18 Download - TechSpot

    I forgot to answer your question, lol. Tired. I have everything in exploit section set to on by default. I have everything in app and browser section set to warn.
    I run in a normal user account.
    I have UAC set to all programs. (you get used to the constant nag after a while)
    I have uninstalled Windows script host, Power Shell, Adobe everything, JAVA, all because I don't need or use any of them and they are the frequent source of being commandered into losing control of your machine.
    I use Malwarebytes Premium along with Windows Defender and backup the C drive with Macrium Reflect to disconnected drives.
     
    Slippery, Apr 4, 2018
    #4
  5. Steve C Win User
    Do you mean the DEP column in process Explorer?
     
    Steve C, Apr 4, 2018
    #5
  6. Kol12 Win User
    @Slippery

    Cheers for your response. So you haven't decided on any 3rd party apps that might benefit from protection?

    I decided to give running from a standard account a go also and have been for the last few Win 10 releases. The constant nag for the admin password to run programs can get pretty tiring but I suppose the added protection is worth it.. I have wondered for my most frequently used programs that require admin to run whether I could set them to permanently run as admin without the password request but I'm not aware any such method.
     
    Kol12, Apr 4, 2018
    #6
  7. Kol12 Win User
    Where do you find the DEP column in Process Explorer?
     
    Kol12, Apr 4, 2018
    #7
  8. Slippery Win User

    What programs do you protect with Windows Defender Exploit protection?

    @Kol12, you need to right click Process Explorer and run as admin to see all the columns.
    There are plenty of folks here who are in the upper echelons of geekdom who can help you with permissions and task scheduler to accomplish that if possible. I look on computers as a toy, not to be relied on for the important stuff anymore than is absolutely necessary.

    @Steve C, yes DEP, ASLR, Control Flow Guard
     
    Slippery, Apr 4, 2018
    #8
  9. Slippery Win User
    Yes, that is where I turned on DEP for all programs. Process explorer is a monitoring utility. You can't use it to change the system, just what it is monitoring.
     
    Slippery, Apr 5, 2018
    #9
  10. Kol12 Win User
    You can all also turn DEP on for all programs and services through System - Advanced System settings - Advanced - Performance Settings - DEP tab. *Smile
     
    Kol12, Apr 9, 2018
    #10
Thema:

What programs do you protect with Windows Defender Exploit protection?

Loading...
  1. What programs do you protect with Windows Defender Exploit protection? - Similar Threads - programs protect Defender

  2. exploit protection prgram settings

    in AntiVirus, Firewalls and System Security
    exploit protection prgram settings: what would the default for exploit protection prgram settings look like? https://answers.microsoft.com/en-us/protect/forum/all/exploit-protection-prgram-settings/e1a72e2b-5556-4831-b4e8-4263db95898a
  3. Exploit protection windows 10

    in AntiVirus, Firewalls and System Security
    Exploit protection windows 10: There are four programs with system overrides enabled. ExtExport.exe, ie4uinit.exe, ieinstall.exe and ielowutil.exe. "Force randomization for images Mandatory ASLR" All four have override checked and are set to on. All the system settings are set at default. Web searches......
  4. Exploit protection settings

    in AntiVirus, Firewalls and System Security
    Exploit protection settings: 1. I do not understand the "System settings" options under EXPLOIT PROTECTION in Windows Defender set up section. What does "Use default on vs. "On by default mean? What is the safest? 2, What is SEHOP? What is "heap integrity" What is "High-entropy ASLR...
  5. Need exclusion for Defender Exploit Guard Network Protection

    in AntiVirus, Firewalls and System Security
    Need exclusion for Defender Exploit Guard Network Protection: I have a configuration where the Defender Exploit Guard Network Protection needs to be enabled. Recently an MS update must have changed what triggers this protection and I now have 2 custom applications that no longer launch properly. An acceptable solution is to add...
  6. Need exclusion for Defender Exploit Guard Network Protection

    in AntiVirus, Firewalls and System Security
    Need exclusion for Defender Exploit Guard Network Protection: I have a configuration where the Defender Exploit Guard Network Protection needs to be enabled. Recently an MS update must have changed what triggers this protection and I now have 2 custom applications that no longer launch properly. An acceptable solution is to add...
  7. Windows Defender Exploit Protection problem

    in AntiVirus, Firewalls and System Security
    Windows Defender Exploit Protection problem: Hi guys, For some strange reason my System settings tab is not there in my Exploit Protection settings, only Program settings is visible. Any suggestions on what is happening? 106098
  8. Does Windows Defender Exploit Protection log anywhere?

    in AntiVirus, Firewalls and System Security
    Does Windows Defender Exploit Protection log anywhere?: I've used EMET quite a bit in the past. I recently started using the Fall Creators Update "Exploit Protection" feature. I have the settings as aggressive as possible, and I'm not changing them. This post is not asking what Exploit Protection settings I should use. The...
  9. Enable or Disable Windows Defender Exploit Protection Settings

    in Windows 10 Tutorials
    Enable or Disable Windows Defender Exploit Protection Settings: How to: Enable or Disable Windows Defender Exploit Protection Settings How to Enable or Disable Windows Defender Exploit Protection Settings in Windows 10 Starting with Windows Security app. Exploit protection is built into Windows 10 to help protect your device...
  10. Change Windows Defender Exploit Protection Settings in Windows 10

    in Windows 10 Tutorials
    Change Windows Defender Exploit Protection Settings in Windows 10: How to: Change Windows Defender Exploit Protection Settings in Windows 10 How to Change Windows Defender Exploit Protection Settings in Windows 10 Starting with Windows Defender Security Center. Exploit protection is built into Windows 10 to help protect your device...

Users found this page by searching for:

  1. does windows 10 anti exploit protect third party browsers

    ,
  2. windows defender exploit protection program default programs

    ,
  3. what programs should I add to exploit protection

    ,
  4. which programs should be listed in exploit protection