In this article, you will learn how to deploy exploit protection to your environment, exploit protection helps protect devices from malware that uses exploits to spread and infect.
You can enable exploit protection on an individual device, and then use Group Policy to distribute the XML file to multiple devices at once.
Exploit protection can be applied at either the operating system level or at the individual app level.
Step 1. Setting up the Exploit Protection
You need to configure the exploit protection setting on a dedicated device to export a configuration file.
- Go to the Windows Settings and select update and security,
![How To Deploy And Configure Exploit Protection In Windows Server 2022]()
- Open app & browser control from Windows Security and then select exploit protection setting
![How To Deploy And Configure Exploit Protection In Windows Server 2022]()
- You can customize exploit protection settings for your system setting, you can configure the setting by using turn on or turn off
![How To Deploy And Configure Exploit Protection In Windows Server 2022]()
- You can customize exploit protection settings for your program. If you want to customize the program settings add program or edit existing program
![How To Deploy And Configure Exploit Protection In Windows Server 2022]()
Step 2. Export a Configuration File
At the bottom of the Exploit protection section, select Export settings. Choose the location and name of the XML file where you want the configuration to be saved.
PowerShell command to export a configuration file (Run as Administrator)
“Get-ProcessMitigation -RegistryConfigFilePath C:\Exploit_Production\Exploitsettings.xml”
![How To Deploy And Configure Exploit Protection In Windows Server 2022]()
Step 3. Deploy an exploit production configuration file
You can use Group Policy to deploy the configuration you've created to multiple devices in your network.
- Open Group Policy Management (GPO) from your windows server
![How To Deploy And Configure Exploit Protection In Windows Server 2022]()
- Create and link a New GPO
![How To Deploy And Configure Exploit Protection In Windows Server 2022]()
- Right-click the Group Policy Object you want to configure and Edit.
Expand the tree to Windows components > Microsoft Defender Exploit Guard > Exploit protection.
![How To Deploy And Configure Exploit Protection In Windows Server 2022]()
- Enable the Setting and then enter the location and file name of the Exploit protection configuration file that you want to use,
C:\Exploit_Production\Exploitsettings.xml
Select OK and Deploy the updated GPO as you normally do.
![How To Deploy And Configure Exploit Protection In Windows Server 2022]()