The relatively unknown Exploit Protection feature helps protect the system and programs against hacking. Here is a method to configure it without asking too many questions.
With Windows Defender, Microsoft has considerably beefed up the protection functions of its operating system, with a virus detection engine, a firewall, URL filtering, etc. Among the lesser-known tools in this package is Exploit Protection, software that provides a whole arsenal of anti-piracy shields with bizarre names such as “control flow protection”, “data execution prevention” or ” force randomization of images ”.
Behind these abstruse terms hide functions whose goal is to thwart intrusion techniques used by hackers. They have been developed progressively since 2009 as part of EMET (Enhanced Mitigation Experience Toolkit), a free software created by Microsoft and intended until then rather for system administrators. With Windows 10, the publisher has decided to integrate all these functions directly into its operating system and make them accessible to everyone.
Exploit Protection forms an additional line of defense in addition to the firewall and virus detection engine. To configure it, go to “Windows settings -> Update and security -> Windows security -> Application and browser control”. You must then scroll down the page and click on “Exploit protection settings”.
The window that opens offers two configuration panes: “System parameters” and “Program parameters”. We do not recommend touching the first ones which are, for the most part, already activated by default. On the other hand, it is possible to strengthen the settings concerning the applications.
By default, the “Application settings” pane already lists some Microsoft software. But it is possible to add others to submit them to the anti-piracy techniques of Exploit Protection. The ideal is then to add the applications that you use most often and that you think are important: your Internet browser, your banking application, your text editor, your PDF viewer, etc.
To add an application, simply click on “Add a program to customize” and choose the option “Choose the exact path to the files”. You can then select the executable file of the application in question by browsing the file tree. The executables are located in the “C: Program Files” and “C: Programs” directories. As an example, we have chosen the Opera browser. Once your app is added, select it and press “Edit”.
You are then faced with a list of about twenty security options with exotic names such as “Arbitrary code protection”, “Block low integrity images”, “Control flow protection”. We will not, within the framework of this article, explain the meaning of these options which are based on very technical concepts. Some have been enabled by default by the system. The others can be done by hand.
The problem is, they can crash the app if they’re too protective. This is obviously the case with the “Code integrity protection” option which, once activated, only allows you to launch applications created by Microsoft or from the Microsoft Store. Likewise, the option “Do not allow child processes” is a very bad idea when it comes to a web browser because the navigation tabs that we open are precisely child processes.
To protect your application as much as possible, we recommend going gradually, activating the options one by one and checking each time that the software is working correctly. In the case of Opera, we managed to activate nine additional protection options out of the three that already were. It takes a little patience, but we’re getting there. And above all, it is not a big obstacle for those who really want to benefit from better security.