This article will show you how to configure exploit protection settings for Windows Security app in Windows 10 V1709 or later.

If you’re on Windows 10 V1709 or later, you can configure exploit protection settings. By configuring these settings, you’ll be able to safeguard your system from malware that may use exploit to infect and spread across your device. You can explore all about exploit protection in this Microsoft documentation.

Microsoft has implemented the exploit protection settings right in to the Windows Security (earlier Windows Defender, Windows Defender Security Center) app. In this article, we’ll see how you can configure exploit settings in Windows Security app. Also, we’ll see how to completely enable/disable exploit protection feature on your system.

How To Configure Exploit Protection For Windows Security In Windows 10

Configure Exploit Protection Using Windows Security App

1. Open Windows Security app and click on App & browser control tile.

How To Configure Exploit Protection For Windows Security In Windows 10

2. In the next screen, scroll down and look for Exploit protection section. Click on Exploit protection settings link.

How To Configure Exploit Protection For Windows Security In Windows 10

3. Then in next screen, you can configure the settings as per your need. Leave a setting to default, if you’re unable to take decision for its configuration.

How To Configure Exploit Protection For Windows Security In Windows 10

4. When you change these settings, you’ll receive UAC permission dialog. So provide permissions each time by clicking Yes and provide the credentials, if asked.

How To Configure Exploit Protection For Windows Security In Windows 10

5. To configure exploit protection settings for specific app or program, click on Program settings. Then click ‘+‘ and select Choose exact file path, then browse for the program and add it to this list.

How To Configure Exploit Protection For Windows Security In Windows 10

All the settings will be saved and applied automatically.

In case if you want to enable or disable exploit protection, you can do it via registry manipulation or by configuring relevant Group Policy setting.

Enable/Disable Exploit Protection Using Registry Editor/Group Policy

Registry Disclaimer: The further steps will involve registry manipulation. Making mistakes while manipulating registry could affect your system adversely. So be careful while editing registry entries and create a System Restore point first.

1. Press W8K + R and put regedit in Run dialog box to open Registry Editor (if you’re not familiar with Registry Editor, then click here). Click OK.

Windows 10 Registry Editor

2. In left pane of Registry Editor window, navigate to following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\App and Browser protection

How To Configure Exploit Protection For Windows Security In Windows 10

3. Now in the right pane of App and Browser protection registry key, right click in blank space, select New > DWORD Value. Name the newly created registry DWORD (REG_DWORD) as DisallowExploitProtectionOverride. Double click on this registry DWORD to modify its Value data:

How To Configure Exploit Protection For Windows Security In Windows 10

4. Set the Value data to 1 to disable exploit protection and click OK. Close Registry Editor and reboot.

After restarting your system, users will no longer able to configure exploit protection.

Delete the DisallowExploitProtectionOverride registry DWORD, in case if you want to enable exploit protection again.

Group Policy Setting: If you want to disable exploit protection on multiple machines in your organization/workplace, you can deploy the relevant GPO setting. Set Prevent users from modifying settings policy setting at Computer Configuration > Administrative Templates > Windows Components > Windows Security > App and browser protection to Enabled.
That’s it!
Share this post on Facebook · Twitter.

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Comments

  • Kapil Arya : ^^ Eric, we've very less options when Windows Update breaks something....

    6 hours ago

  • Eric : Hi Kapil, thanks for posting this! Like many others, Windows Desktop ...

    11 hours ago

  • Kapil Arya : ^^ Thanks for adding this!...

    11 hours ago

  • Kapil Arya : ^^ Yes, free upgrade is no longer available. You need to purchase genu...

    11 hours ago

  • R.Tan : I have a windows 7 running quite well on HP probook 4540s w/ 8 GB RAM....

    1 day ago