From Windows 10 Security Technical Implementation Guide
Part of WN10-EP-000160
Associated with: CCI-000366
Exploit protection in Windows 10 provides a means of enabling additional mitigations against potential threats at the system and application level. Without these additional application protections, Windows 10 may be subject to various exploits.
This is NA prior to v1709 of Windows 10. This is applicable to unclassified systems, for other systems this is NA. Run "Windows PowerShell" with elevated privileges (run as administrator). Enter "Get-ProcessMitigation -Name [application name]" with each of the following substituted for [application name]: java.exe, javaw.exe, and javaws.exe (Get-ProcessMitigation can be run without the -Name parameter to get a list of all application mitigations configured.) If the following mitigations do not have a status of "ON" for each, this is a finding: DEP: Enable: ON Payload: EnableExportAddressFilter: ON EnableExportAddressFilterPlus: ON EnableImportAddressFilter: ON EnableRopStackPivot: ON EnableRopCallerCheck: ON EnableRopSimExec: ON The PowerShell command produces a list of mitigations; only those with a required status of "ON" are listed here.
Ensure the following mitigations are turned "ON" for java.exe, javaw.exe, and javaws.exe: DEP: Enable: ON Payload: EnableExportAddressFilter: ON EnableExportAddressFilterPlus: ON EnableImportAddressFilter: ON EnableRopStackPivot: ON EnableRopCallerCheck: ON EnableRopSimExec: ON Application mitigations defined in the STIG are configured by a DoD EP XML file included with the Windows 10 STIG package in the "Supporting Files" folder. The XML file is applied with the group policy setting Computer Configuration >> Administrative Settings >> Windows Components >> Windows Defender Exploit Guard >> Exploit Protection >> "Use a common set of exploit protection settings" configured to "Enabled" with file name and location defined under "Options:". It is recommended the file be in a read-only network location.
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer