Published by


Brink's Avatar
Administrator

Posts: 28,594

Show Printable Version 


How to Enable or Disable Windows Defender Exploit Protection Settings in Windows 10


Starting with Windows 10 build 16232, you can now audit, configure, and manage Windows system and application exploit mitigation settings (EMET EOL) right from the Windows Defender Security Center.

Exploit protection is built into Windows 10 to help protect your device against attacks. Out of the box, your device is already set up with the protection settings that work best for most people.

Exploit protection is part of Windows Defender Exploit Guard. Exploit protection helps protect devices from malware that use exploits to spread and infect. It consists of a number of mitigations that can be applied at either the operating system level, or at the individual app level.

You configure these settings using the Windows Defender Security Center on an individual machine, and then export the configuration as an XML file as a backup and that you can deploy to other machines. When you export the settings, all settings for both app-level and system-level mitigations are saved. This means you don't need to export a file from both the System settings and Program settings sections - either section will export all settings.

For more information, see also:

This tutorial will show you how to enable or disable the ability to change Exploit protection settings in Windows Defender Security Center in Windows 10.

You must be signed in as an administrator to enable or disable Exploit protection settings.


 CONTENTS:

  • Option One: Enable or Disable Windows Defender Exploit Protection Settings in Local Group Policy Editor
  • Option Two: Enable or Disable Windows Defender Exploit Protection Settings using a REG file


EXAMPLE: Exploit protection settings disabled (grayed out) in Windows Defender Security Center
Name:  Exploit_protection_settings-1.jpg
Views: 655
Size:  54.9 KB Name:  Exploit_protection_settings-2.jpg
Views: 648
Size:  43.8 KB






Enable or Disable Windows Defender Exploit Protection Settings OPTION ONE Enable or Disable Windows Defender Exploit Protection Settings
Enable or Disable Windows Defender Exploit Protection Settings in Local Group Policy Editor


The Local Group Policy Editor is only available in the Windows 10 Pro, Enterprise, and Education editions.

All editions can use Option TWO below.

1. Open the Local Group Policy Editor.

2. In the left pane of Local Group Policy Editor, navigate to the location below. (see screenshot below)

Computer Configuration\Administrative Templates\Windows components\Windows Defender Security Center\App and browser protection

Name:  Exploit_protection_gpedit-1.jpg
Views: 648
Size:  52.6 KB

3. In the right pane of App and browser protection in Local Group Policy Editor, double click/tap on the Prevent users from modifying settings policy to edit it. (see screenshot above)

4. Do step 5 (enable) or step 6 (disable) below for what you would like to do.


 5. To Enable Windows Defender Exploit Protection Settings

A) Select (dot) Not Configured or Disabled, click/tap on OK, and go to step 7 below. (see screenshot below)

Not Configured[/B] is the default setting.


 6. To Disable Windows Defender Exploit Protection Settings

A) Select (dot) Enabled, click/tap on OK, and go to step 7 below. (see screenshot below)

Name:  Exploit_protection_gpedit-2.png
Views: 654
Size:  34.7 KB

7. Close the Local Group Policy Editor.






Enable or Disable Windows Defender Exploit Protection Settings OPTION TWO Enable or Disable Windows Defender Exploit Protection Settings
Enable or Disable Windows Defender Exploit Protection Settings using a REG file


The downloadable .reg files below will modify the DWORD value in the registry key below.

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\App and Browser protection

DisallowExploitProtectionOverride DWORD

(delete) = Enable
1 = Disable

1. Do step 2 (enable) or step 3 (disable) below for what you would like to do.


 2. To Enable Windows Defender Exploit Protection Settings

This is the default setting.

A) Click/tap on the Download button below to download the file below, and go to step 4 below.

Enable_changing_Exploit_protection_settings.reg

download


 3. To Disable Windows Defender Exploit Protection Settings

A) Click/tap on the Download button below to download the file below, and go to step 4 below.

Disable_changing_Exploit_protection_settings.reg

download

4. Save the .reg file to your desktop.

5. Double click/tap on the downloaded .reg file to merge it.

6. When prompted, click/tap on Run, Yes (UAC), Yes, and OK to approve the merge.

7. Restart the computer to apply.

8. You can now delete the downloaded .reg file if you like.


That's it,
Shawn