Use a common set of exploit protection settings

Supported OS tags: Windows10, Windows10RT, Windows11, WindowsServer2016

Specify a common set of Microsoft Defender Exploit Guard system and application mitigation settings that can be applied to all endpoints that have this GP setting configured. There are some prerequisites before you can enable this setting: - Manually configure a device's system and application mitigation settings using the Set-ProcessMitigation PowerShell cmdlet, the ConvertTo-ProcessMitigationPolicy PowerShell cmdlet, or directly in Windows Security. - Generate an XML file with the settings from the device by running the Get-ProcessMitigation PowerShell cmdlet or using the Export button at the bottom of the Exploit Protection area in Windows Security. - Place the generated XML file in a shared or local path. Note: Endpoints that have this GP setting set to Enabled must be able to access the XML file, otherwise the settings will not be applied. Enabled Specify the location of the XML file in the Options section. You can use a local (or mapped) path, a UNC path, or a URL, such as the following: - C:\MitigationSettings\Config.XML - \\Server\Share\Config.xml - https://localhost:8080/Config.xml The settings in the XML file will be applied to the endpoint. Disabled Common settings will not be applied, and the locally configured settings will be used instead. Not configured Same as Disabled.