Tuesday, November 20, 2018
Home > Apps > secure your applications with Exploit Protection

secure your applications with Exploit Protection

The feature Exploit Protection, relatively unknown, protects the system and programs against piracy. Here is a method to configure it without asking too many questions.

With Windows Defender, Microsoft has significantly beefed up the protection features of its operating system, including a virus detection engine, a firewall, URL filtering, and more. Among the least known tools in this package is the Exploit Protection, a software that provides a whole arsenal of anti-piracy shields with odd names such as “control flow protection”, “data execution prevention” or ” to force the randomization of images “.

Behind these obscure terms are hidden functions whose purpose is to thwart intrusion techniques used by pirates. They have been developed progressively since 2009 as part of the EMET (Enhanced Mitigation Experience Toolkit), a free software created by Microsoft and previously intended for system administrators. With Windows 10, the publisher has decided to integrate all these functions directly into its operating system and make them accessible to all.

Exploit Protection forms an additional line of defense in addition to the firewall and virus detection engine. To configure it, go to “Windows Settings -> Update and Security -> Windows Security -> Application and Browser Control”. Then scroll down to the bottom of the page and click on “Exploit Protection Settings”.

The window that opens then offers two configuration panels: “System Settings” and “Program Settings”. We do not recommend touching the first ones which are, for the most part, already activated by default. On the other hand, it is possible to reinforce the settings concerning the applications.

By default, the “Application Settings” pane already lists some Microsoft software. But it is possible to add others to submit to anti-piracy techniques Exploit Protection. The ideal way is to add the applications you use most often and which seem important to you: your Internet browser, your banking application, your text editor, your PDF viewer, etc.

To add an application, simply click on “Add a program to customize” and choose the option “Choose the exact file access path”. You can then select the executable file of the application in question by navigating in the file tree. The executables are located in the “C: \ Program Files” and “C: \ Programs” directories. For example, we chose the Opera browser. Once your application is added, select it and press “Edit”.

You are then confronted with a list of about twenty security options with exotic names such as “Arbitrary code protection”, “Block images of low integrity”, “Protection of control flow”. In this article, we will not explain the meaning of these options, which are based on very technical concepts. Some have been enabled by default by the system. Others can be by hand.

The problem is that they can crash the application if they are too protective. This is obviously the case of the “Code Integrity Protection” option, which, once enabled, only allows the launch of applications created by Microsoft or from the Microsoft Store. Similarly, the option “Do not allow child processes” is a very bad idea when it comes to a web browser because the navigation tabs that are opened are just child processes.

To shield the application as much as possible, we recommend going through it gradually, activating the options one by one and checking each time that the software works correctly. In the case of Opera, we managed to activate nine additional protection options out of the three that were already there. It takes a little patience, but we get there. And above all it is not a big obstacle for those who really want to benefit from better security.

Leave a Reply

Your email address will not be published. Required fields are marked *