Windows 10: Exploit Protection Program Settings

Under Exploit Protection Program Settings it shows I have 1 override system on cnfnot32.exe /excel.exe /excelcnv.exe & ExtExport.exe What does this mean?

:)

 

Exploit Protection's "Program Settings"

Let us say that I went into WINDOWS DEFENDER SECURITY CENTER > APP & BROWSER CONTROL > EXPLOIT PROTECTION SETTINGS > PROGRAM SETTINGS.

Then, let us say that I edited via "system override" the settings for one of the programs.

My question: How would I later restore the default settings (i. e., the ones that were set before editing) for one or more edited programs?

Exploit Protection does not seem to provide any option for restoring back to a program's default state before any change was made.

Thanks for any help!

 

Many items in Program settings in Exploit protection

Hello Reticzeta,

Thanks for using Microsoft products and posting in the community.

It is normal for there to be a large list of executable files in the Program settings section of Exploit protection. The list contains all the programs that are recognized by Windows, and some of them may have been added by third-party applications installed on your computer.

Some of the exe files you mentioned, such as excelcnv.exe, graph.exe, and ie4uinit.exe, are related to Microsoft Office applications and are included in the list by default. Other exe files, like ngen.exe, are related to Windows itself and may have been added to the list by Windows updates or other system changes.

If you are concerned about any of the individual overrides for these files, you can review them to see if they appear to be legitimate. If you are unsure, you can research the file online to see if it is associated with any known malware or security vulnerabilities.

Overall, having a long list of executable files in the Program settings section of Exploit protection is not necessarily a cause for concern, as it is normal for there to be a large number of programs on a typical computer. However, it is always a good idea to stay vigilant and keep your security software up to date to protect against any potential threats.

Please feel free to let me know if you have any further updates, thanks.

Best Regards,

Lenka-MSFT| Microsoft Community Support Specialist

 

Exploit Protection Settings

The Exploit Protection settings are preconfigured; and home users should generally just leave them alone:



The Use default configuration for each of the mitigation settings indicates our recommendation for a base level of protection for everyday usage for home users. Enterprise deployments should consider the protection required for
their individual needs and may need to modify configuration away from the defaults.



https://docs.microsoft.com/en-us/wi...er-exploit-guard/customize-exploit-protection



https://docs.microsoft.com/en-us/wi...xploit-guard/exploit-protection-exploit-guard



The preconfigured applications have been optimized by Microsoft – and adding customizations for other apps requires both a rationale and an understanding of the potential consequences, since haphazardly changing the default settings for an app can
easily render it dysfunctional.



It’s ironic that these application mitigations are exposed in the Windows Defender Security Center interface, while the safe and simple Windows Defender configuration options are only available via the PowerShell Set-MpPreference command line:



https://docs.microsoft.com/en-us/powershell/module/defender/set-mppreference?view=win10-ps



The Set-MpPreference cmdlet now also includes the parameters for Attack Surface Reduction and Block at First Sight:



Redirecting