What Is Exploit Protection? How to Enable It on Windows 10/11? [MiniTool Tips]

What Is Exploit Protection?

Exploit Protection is one of the features in Windows Defender that can protect your computer from the infection of malware that uses security exploits. There are two mitigations in Exploit Protection – system level and program level.

How to Enable Exploit Protection Windows 10/11?

After knowing what Exploit Protection is, let me show you how to access this feature on Windows 10/11:  

Step 1. Go to Settings > Update & Security > Windows Security > App & browser control > Exploit protection settings.

Step 2. As you can see, the settings are divided into two tabs – System settings and Program settings.

Under System settings, you can see the following options:

• Control flow guard (CFG)
• Data Execution Prevention (DEP)
• Force randomization for images (mandatory ASLR)
• Randomize memory allocations (Bottom-up ASLR)
• High-entropy ASLR
• Validate exception chains (SEHOP)
• Validate heap integrity

Under Program settings, you can add program to customize by either hitting Add by program name or Choose exact file path. Also, adding the program by hitting it from the pre-populated list is permitted.

• Add by program name – allows you to apply migration to any running process with that name. You need to specify the file with its extensions.
• Choose exact file path – selects the executable file from the standard Windows Explorer file picker window.

Meanwhile, Exploit Protection allows you to export your settings in an XML file after hitting Export settings.

If you are using EMET and have saved its settings in an XML file, you can try importing the settings running the following command in Windows PowerShell:

Set-ProcessMitigation -PolicyFilePath myconfig.xml

How to Add or Exclude an App in Exploit Protection?

If the feature is enabled, some applications will be lagging or stuttering when launching them. This is pretty common in games, so you can disable Exploit Protection when gaming. Here’s how to add or exclude Exploit Protection for some selected application on Windows 10/11:

Step 1. Press Win + I to launch Windows Settings.

Step 2. In the settings menu, scroll down to find Update & Security and hit it.

Step 3. Under the Windows Security tab, click on App & browser control.

Step 4. Scroll down to find Exploit protection settings and hit it.

Step 5. Go to Program settings and click on Add program to customize to customize the settings. Choose from Add by program name and Choose exact file path.

Step 6. Here, we select Choose exact file path. Once found and selected, you will see a list of mitigation that can be applied. If you want to add the file in Exploit Protection, tick all the options. To exclude the file from Exploit Protection, untick the boxes marked against the app.

Step 7. Click on Apply to save the settings.

Step 8. Reboot your computer.

Another Way to Protect Your Data

Exploit Protection can protect your system from the attack of malware and viruses. At the same time, it is also important to secure your files and folders. There is another way for you to protect your data – back up your files and folders on an external hard drive via MiniTool ShadowMaker. With a backup copy in hand, even if your files are lost after a malware infection, you can restore them easily.

Free Download

MiniTool ShadowMaker is a free and reliable backup software that is designed to create a backup for files, folders, partitions, systems and disks on Windows 11/10/8/7. It is green, convenient and practical. If you need to back up your important data, MiniTool ShadowMaker will be the top choice for you!

[Guide] How to Back up Your Computer to an External Drive

Do you know how to backup hard drive Windows 10 with ease? This post will show three ways to backup hard drive with the professional hard drive backup software.

Read More