Detections
Analytics

DISA Windows 10 STIG v2r2

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA Windows 10 STIG v2r2

Updated: 3/3/2022

Authority: DISA STIG

Plugin: Windows

Revision: 1.7

Estimated Item Count: 310

Audit Changelog

Ā 
Revision 1.7

Mar 3, 2022

Functional Update
  • WN10-CC-000068 - Windows 10 must be configured to enable Remote host allows delegation of non-exportable credentials.
  • WN10-CC-000210 - The Windows Defender SmartScreen for Explorer must be enabled.
  • WN10-CC-000238 - Windows 10 must be configured to prevent certificate error overrides in Microsoft Edge.
  • WN10-CC-000252 - Windows 10 must be configured to disable Windows Game Recording and Broadcasting.
Miscellaneous
  • Audit deprecated.
  • Metadata updated.
  • References updated.
Revision 1.6

Jan 18, 2022

Functional Update
  • WN10-CC-000068 - Windows 10 must be configured to enable Remote host allows delegation of non-exportable credentials.
  • WN10-CC-000210 - The Windows Defender SmartScreen for Explorer must be enabled.
  • WN10-CC-000238 - Windows 10 must be configured to prevent certificate error overrides in Microsoft Edge.
  • WN10-CC-000252 - Windows 10 must be configured to disable Windows Game Recording and Broadcasting.
Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.5

Sep 10, 2021

Functional Update
  • WN10-CC-000068 - Windows 10 must be configured to enable Remote host allows delegation of non-exportable credentials.
  • WN10-CC-000210 - The Windows Defender SmartScreen for Explorer must be enabled.
  • WN10-CC-000238 - Windows 10 must be configured to prevent certificate error overrides in Microsoft Edge.
  • WN10-CC-000252 - Windows 10 must be configured to disable Windows Game Recording and Broadcasting.
  • WN10-EP-000070 - Exploit Protection mitigations in Windows 10 must be configured for Acrobat.exe.
  • WN10-EP-000080 - Exploit Protection mitigations in Windows 10 must be configured for AcroRd32.exe.
  • WN10-EP-000090 - Exploit Protection mitigations in Windows 10 must be configured for chrome.exe.
  • WN10-EP-000100 - Exploit Protection mitigations in Windows 10 must be configured for EXCEL.EXE.
  • WN10-EP-000110 - Exploit Protection mitigations in Windows 10 must be configured for firefox.exe.
  • WN10-EP-000120 - Exploit Protection mitigations in Windows 10 must be configured for FLTLDR.EXE.
  • WN10-EP-000130 - Exploit Protection mitigations in Windows 10 must be configured for GROOVE.EXE.
  • WN10-EP-000140 - Exploit Protection mitigations in Windows 10 must be configured for iexplore.exe.
  • WN10-EP-000150 - Exploit Protection mitigations in Windows 10 must be configured for INFOPATH.EXE.
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe.
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for javaw.exe.
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for javaws.exe.
  • WN10-EP-000170 - Exploit Protection mitigations in Windows 10 must be configured for lync.exe.
  • WN10-EP-000180 - Exploit Protection mitigations in Windows 10 must be configured for MSACCESS.EXE.
  • WN10-EP-000190 - Exploit Protection mitigations in Windows 10 must be configured for MSPUB.EXE.
  • WN10-EP-000200 - Exploit Protection mitigations in Windows 10 must be configured for OIS.EXE.
  • WN10-EP-000220 - Exploit Protection mitigations in Windows 10 must be configured for OUTLOOK.EXE.
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe.
  • WN10-EP-000240 - Exploit Protection mitigations in Windows 10 must be configured for POWERPNT.EXE.
  • WN10-EP-000250 - Exploit Protection mitigations in Windows 10 must be configured for PPTVIEW.EXE.
  • WN10-EP-000260 - Exploit Protection mitigations in Windows 10 must be configured for VISIO.EXE.
  • WN10-EP-000270 - Exploit Protection mitigations in Windows 10 must be configured for VPREVIEW.EXE.
  • WN10-EP-000280 - Exploit Protection mitigations in Windows 10 must be configured for WINWORD.EXE.
  • WN10-EP-000290 - Exploit Protection mitigations in Windows 10 must be configured for wmplayer.exe.
  • WN10-EP-000300 - Exploit Protection mitigations in Windows 10 must be configured for wordpad.exe.
Informational Update
  • WN10-EP-000070 - Exploit Protection mitigations in Windows 10 must be configured for Acrobat.exe.
  • WN10-EP-000080 - Exploit Protection mitigations in Windows 10 must be configured for AcroRd32.exe.
  • WN10-EP-000090 - Exploit Protection mitigations in Windows 10 must be configured for chrome.exe.
  • WN10-EP-000100 - Exploit Protection mitigations in Windows 10 must be configured for EXCEL.EXE.
  • WN10-EP-000110 - Exploit Protection mitigations in Windows 10 must be configured for firefox.exe.
  • WN10-EP-000120 - Exploit Protection mitigations in Windows 10 must be configured for FLTLDR.EXE.
  • WN10-EP-000130 - Exploit Protection mitigations in Windows 10 must be configured for GROOVE.EXE.
  • WN10-EP-000140 - Exploit Protection mitigations in Windows 10 must be configured for iexplore.exe.
  • WN10-EP-000150 - Exploit Protection mitigations in Windows 10 must be configured for INFOPATH.EXE.
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe.
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for javaw.exe.
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for javaws.exe.
  • WN10-EP-000170 - Exploit Protection mitigations in Windows 10 must be configured for lync.exe.
  • WN10-EP-000180 - Exploit Protection mitigations in Windows 10 must be configured for MSACCESS.EXE.
  • WN10-EP-000190 - Exploit Protection mitigations in Windows 10 must be configured for MSPUB.EXE.
  • WN10-EP-000200 - Exploit Protection mitigations in Windows 10 must be configured for OIS.EXE.
  • WN10-EP-000220 - Exploit Protection mitigations in Windows 10 must be configured for OUTLOOK.EXE.
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe.
  • WN10-EP-000240 - Exploit Protection mitigations in Windows 10 must be configured for POWERPNT.EXE.
  • WN10-EP-000250 - Exploit Protection mitigations in Windows 10 must be configured for PPTVIEW.EXE.
  • WN10-EP-000260 - Exploit Protection mitigations in Windows 10 must be configured for VISIO.EXE.
  • WN10-EP-000270 - Exploit Protection mitigations in Windows 10 must be configured for VPREVIEW.EXE.
  • WN10-EP-000280 - Exploit Protection mitigations in Windows 10 must be configured for WINWORD.EXE.
  • WN10-EP-000290 - Exploit Protection mitigations in Windows 10 must be configured for wmplayer.exe.
  • WN10-EP-000300 - Exploit Protection mitigations in Windows 10 must be configured for wordpad.exe.
Added
  • WN10-CC-000206 - Windows Update must not obtain updates from other PCs on the Internet - domain-joined
  • WN10-CC-000206 - Windows Update must not obtain updates from other PCs on the Internet - stand-alone
Removed
  • WN10-CC-000206 - Windows Update must not obtain updates from other PCs on the Internet.
Revision 1.4

Aug 11, 2021

Functional Update
  • WN10-00-000130 - Software certificate installation files must be removed from Windows 10.
  • WN10-CC-000068 - Windows 10 must be configured to enable Remote host allows delegation of non-exportable credentials.
  • WN10-CC-000210 - The Windows Defender SmartScreen for Explorer must be enabled.
  • WN10-CC-000238 - Windows 10 must be configured to prevent certificate error overrides in Microsoft Edge.
  • WN10-CC-000252 - Windows 10 must be configured to disable Windows Game Recording and Broadcasting.
  • WN10-EP-000020 - Windows 10 Exploit Protection system-level mitigation, Data Execution Prevention (DEP), must be on.
  • WN10-EP-000030 - Windows 10 Exploit Protection system-level mitigation, Randomize memory allocations (Bottom-Up ASLR), must be on.
  • WN10-EP-000040 - Windows 10 Exploit Protection system-level mitigation, Control flow guard (CFG), must be on.
  • WN10-EP-000050 - Windows 10 Exploit Protection system-level mitigation, Validate exception chains (SEHOP), must be on.
  • WN10-EP-000060 - Windows 10 Exploit Protection system-level mitigation, Validate heap integrity, must be on.
  • WN10-EP-000090 - Exploit Protection mitigations in Windows 10 must be configured for chrome.exe.
Informational Update
  • WN10-EP-000020 - Windows 10 Exploit Protection system-level mitigation, Data Execution Prevention (DEP), must be on.
  • WN10-EP-000030 - Windows 10 Exploit Protection system-level mitigation, Randomize memory allocations (Bottom-Up ASLR), must be on.
  • WN10-EP-000040 - Windows 10 Exploit Protection system-level mitigation, Control flow guard (CFG), must be on.
  • WN10-EP-000050 - Windows 10 Exploit Protection system-level mitigation, Validate exception chains (SEHOP), must be on.
  • WN10-EP-000060 - Windows 10 Exploit Protection system-level mitigation, Validate heap integrity, must be on.
  • WN10-EP-000090 - Exploit Protection mitigations in Windows 10 must be configured for chrome.exe.
Miscellaneous
  • Metadata updated.
  • References updated.
Added
  • WN10-EP-000070 - Exploit Protection mitigations in Windows 10 must be configured for Acrobat.exe.
  • WN10-EP-000080 - Exploit Protection mitigations in Windows 10 must be configured for AcroRd32.exe.
  • WN10-EP-000100 - Exploit Protection mitigations in Windows 10 must be configured for EXCEL.EXE.
  • WN10-EP-000110 - Exploit Protection mitigations in Windows 10 must be configured for firefox.exe.
  • WN10-EP-000120 - Exploit Protection mitigations in Windows 10 must be configured for FLTLDR.EXE.
  • WN10-EP-000130 - Exploit Protection mitigations in Windows 10 must be configured for GROOVE.EXE.
  • WN10-EP-000140 - Exploit Protection mitigations in Windows 10 must be configured for iexplore.exe.
  • WN10-EP-000150 - Exploit Protection mitigations in Windows 10 must be configured for INFOPATH.EXE.
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe.
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for javaw.exe.
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for javaws.exe.
  • WN10-EP-000170 - Exploit Protection mitigations in Windows 10 must be configured for lync.exe.
  • WN10-EP-000180 - Exploit Protection mitigations in Windows 10 must be configured for MSACCESS.EXE.
  • WN10-EP-000190 - Exploit Protection mitigations in Windows 10 must be configured for MSPUB.EXE.
  • WN10-EP-000200 - Exploit Protection mitigations in Windows 10 must be configured for OIS.EXE.
  • WN10-EP-000220 - Exploit Protection mitigations in Windows 10 must be configured for OUTLOOK.EXE.
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe.
  • WN10-EP-000240 - Exploit Protection mitigations in Windows 10 must be configured for POWERPNT.EXE.
  • WN10-EP-000250 - Exploit Protection mitigations in Windows 10 must be configured for PPTVIEW.EXE.
  • WN10-EP-000260 - Exploit Protection mitigations in Windows 10 must be configured for VISIO.EXE.
  • WN10-EP-000270 - Exploit Protection mitigations in Windows 10 must be configured for VPREVIEW.EXE.
  • WN10-EP-000280 - Exploit Protection mitigations in Windows 10 must be configured for WINWORD.EXE.
  • WN10-EP-000290 - Exploit Protection mitigations in Windows 10 must be configured for wmplayer.exe.
  • WN10-EP-000300 - Exploit Protection mitigations in Windows 10 must be configured for wordpad.exe.
Removed
  • WN10-EP-000070 - Exploit Protection mitigations in Windows 10 must be configured for Acrobat.exe - ForceRelocateImages
  • WN10-EP-000070 - Exploit Protection mitigations in Windows 10 must be configured for Acrobat.exe - OverrideDEP
  • WN10-EP-000070 - Exploit Protection mitigations in Windows 10 must be configured for Acrobat.exe - OverrideEnableExportAddressFilter
  • WN10-EP-000070 - Exploit Protection mitigations in Windows 10 must be configured for Acrobat.exe - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000070 - Exploit Protection mitigations in Windows 10 must be configured for Acrobat.exe - OverrideEnableImportAddressFilter
  • WN10-EP-000070 - Exploit Protection mitigations in Windows 10 must be configured for Acrobat.exe - OverrideEnableRopCallerCheck
  • WN10-EP-000070 - Exploit Protection mitigations in Windows 10 must be configured for Acrobat.exe - OverrideEnableRopSimExec
  • WN10-EP-000070 - Exploit Protection mitigations in Windows 10 must be configured for Acrobat.exe - OverrideEnableRopStackPivot
  • WN10-EP-000080 - Exploit Protection mitigations in Windows 10 must be configured for AcroRd32.exe - ForceRelocateImages
  • WN10-EP-000080 - Exploit Protection mitigations in Windows 10 must be configured for AcroRd32.exe - OverrideDEP
  • WN10-EP-000080 - Exploit Protection mitigations in Windows 10 must be configured for AcroRd32.exe - OverrideEnableExportAddressFilter
  • WN10-EP-000080 - Exploit Protection mitigations in Windows 10 must be configured for AcroRd32.exe - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000080 - Exploit Protection mitigations in Windows 10 must be configured for AcroRd32.exe - OverrideEnableImportAddressFilter
  • WN10-EP-000080 - Exploit Protection mitigations in Windows 10 must be configured for AcroRd32.exe - OverrideEnableRopCallerCheck
  • WN10-EP-000080 - Exploit Protection mitigations in Windows 10 must be configured for AcroRd32.exe - OverrideEnableRopSimExec
  • WN10-EP-000080 - Exploit Protection mitigations in Windows 10 must be configured for AcroRd32.exe - OverrideEnableRopStackPivot
  • WN10-EP-000100 - Exploit Protection mitigations in Windows 10 must be configured for EXCEL.EXE - ForceRelocateImages
  • WN10-EP-000100 - Exploit Protection mitigations in Windows 10 must be configured for EXCEL.EXE - OverrideDEP
  • WN10-EP-000100 - Exploit Protection mitigations in Windows 10 must be configured for EXCEL.EXE - OverrideEnableExportAddressFilter
  • WN10-EP-000100 - Exploit Protection mitigations in Windows 10 must be configured for EXCEL.EXE - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000100 - Exploit Protection mitigations in Windows 10 must be configured for EXCEL.EXE - OverrideEnableImportAddressFilter
  • WN10-EP-000100 - Exploit Protection mitigations in Windows 10 must be configured for EXCEL.EXE - OverrideEnableRopCallerCheck
  • WN10-EP-000100 - Exploit Protection mitigations in Windows 10 must be configured for EXCEL.EXE - OverrideEnableRopSimExec
  • WN10-EP-000100 - Exploit Protection mitigations in Windows 10 must be configured for EXCEL.EXE - OverrideEnableRopStackPivot
  • WN10-EP-000110 - Exploit Protection mitigations in Windows 10 must be configured for firefox.exe - ForceRelocateImages
  • WN10-EP-000110 - Exploit Protection mitigations in Windows 10 must be configured for firefox.exe - OverrideDEP
  • WN10-EP-000120 - Exploit Protection mitigations in Windows 10 must be configured for FLTLDR.EXE - OverrideChildProcess
  • WN10-EP-000120 - Exploit Protection mitigations in Windows 10 must be configured for FLTLDR.EXE - OverrideDEP
  • WN10-EP-000120 - Exploit Protection mitigations in Windows 10 must be configured for FLTLDR.EXE - OverrideEnableExportAddressFilter
  • WN10-EP-000120 - Exploit Protection mitigations in Windows 10 must be configured for FLTLDR.EXE - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000120 - Exploit Protection mitigations in Windows 10 must be configured for FLTLDR.EXE - OverrideEnableImportAddressFilter
  • WN10-EP-000120 - Exploit Protection mitigations in Windows 10 must be configured for FLTLDR.EXE - OverrideEnableRopCallerCheck
  • WN10-EP-000120 - Exploit Protection mitigations in Windows 10 must be configured for FLTLDR.EXE - OverrideEnableRopSimExec
  • WN10-EP-000120 - Exploit Protection mitigations in Windows 10 must be configured for FLTLDR.EXE - OverrideEnableRopStackPivot
  • WN10-EP-000120 - Exploit Protection mitigations in Windows 10 must be configured for FLTLDR.EXE - OverrideForceRelocateImages
  • WN10-EP-000130 - Exploit Protection mitigations in Windows 10 must be configured for GROOVE.EXE - ForceRelocateImages
  • WN10-EP-000130 - Exploit Protection mitigations in Windows 10 must be configured for GROOVE.EXE - OverrideChildProcess
  • WN10-EP-000130 - Exploit Protection mitigations in Windows 10 must be configured for GROOVE.EXE - OverrideDEP
  • WN10-EP-000130 - Exploit Protection mitigations in Windows 10 must be configured for GROOVE.EXE - OverrideEnableExportAddressFilter
  • WN10-EP-000130 - Exploit Protection mitigations in Windows 10 must be configured for GROOVE.EXE - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000130 - Exploit Protection mitigations in Windows 10 must be configured for GROOVE.EXE - OverrideEnableImportAddressFilter
  • WN10-EP-000130 - Exploit Protection mitigations in Windows 10 must be configured for GROOVE.EXE - OverrideEnableRopCallerCheck
  • WN10-EP-000130 - Exploit Protection mitigations in Windows 10 must be configured for GROOVE.EXE - OverrideEnableRopSimExec
  • WN10-EP-000130 - Exploit Protection mitigations in Windows 10 must be configured for GROOVE.EXE - OverrideEnableRopStackPivot
  • WN10-EP-000130 - Exploit Protection mitigations in Windows 10 must be configured for GROOVE.EXE - OverrideForceRelocateImages
  • WN10-EP-000140 - Exploit Protection mitigations in Windows 10 must be configured for iexplore.exe - ForceRelocateImages
  • WN10-EP-000140 - Exploit Protection mitigations in Windows 10 must be configured for iexplore.exe - OverrideDEP
  • WN10-EP-000140 - Exploit Protection mitigations in Windows 10 must be configured for iexplore.exe - OverrideEnableExportAddressFilter
  • WN10-EP-000140 - Exploit Protection mitigations in Windows 10 must be configured for iexplore.exe - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000140 - Exploit Protection mitigations in Windows 10 must be configured for iexplore.exe - OverrideEnableImportAddressFilter
  • WN10-EP-000140 - Exploit Protection mitigations in Windows 10 must be configured for iexplore.exe - OverrideEnableRopCallerCheck
  • WN10-EP-000140 - Exploit Protection mitigations in Windows 10 must be configured for iexplore.exe - OverrideEnableRopSimExec
  • WN10-EP-000140 - Exploit Protection mitigations in Windows 10 must be configured for iexplore.exe - OverrideEnableRopStackPivot
  • WN10-EP-000150 - Exploit Protection mitigations in Windows 10 must be configured for INFOPATH.EXE - ForceRelocateImages
  • WN10-EP-000150 - Exploit Protection mitigations in Windows 10 must be configured for INFOPATH.EXE - OverrideDEP
  • WN10-EP-000150 - Exploit Protection mitigations in Windows 10 must be configured for INFOPATH.EXE - OverrideEnableExportAddressFilter
  • WN10-EP-000150 - Exploit Protection mitigations in Windows 10 must be configured for INFOPATH.EXE - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000150 - Exploit Protection mitigations in Windows 10 must be configured for INFOPATH.EXE - OverrideEnableImportAddressFilter
  • WN10-EP-000150 - Exploit Protection mitigations in Windows 10 must be configured for INFOPATH.EXE - OverrideEnableRopCallerCheck
  • WN10-EP-000150 - Exploit Protection mitigations in Windows 10 must be configured for INFOPATH.EXE - OverrideEnableRopSimExec
  • WN10-EP-000150 - Exploit Protection mitigations in Windows 10 must be configured for INFOPATH.EXE - OverrideEnableRopStackPivot
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - java.exe OverrideDEP
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - java.exe OverrideEnableExportAddressFilter
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - java.exe OverrideEnableExportAddressFilterPlus
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - java.exe OverrideEnableImportAddressFilter
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - java.exe OverrideEnableRopCallerCheck
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - java.exe OverrideEnableRopSimExec
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - java.exe OverrideEnableRopStackPivot
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaw.exe OverrideDEP
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaw.exe OverrideEnableExportAddressFilter
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaw.exe OverrideEnableExportAddressFilterPlus
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaw.exe OverrideEnableImportAddressFilter
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaw.exe OverrideEnableRopCallerCheck
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaw.exe OverrideEnableRopSimExec
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaw.exe OverrideEnableRopStackPivot
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaws.exe OverrideDEP
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaws.exe OverrideEnableExportAddressFilter
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaws.exe OverrideEnableExportAddressFilterPlus
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaws.exe OverrideEnableImportAddressFilter
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaws.exe OverrideEnableRopCallerCheck
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaws.exe OverrideEnableRopSimExec
  • WN10-EP-000160 - Exploit Protection mitigations in Windows 10 must be configured for java.exe, javaw.exe, and javaws.exe - javaws.exe OverrideEnableRopStackPivot
  • WN10-EP-000170 - Exploit Protection mitigations in Windows 10 must be configured for lync.exe - ForceRelocateImages
  • WN10-EP-000170 - Exploit Protection mitigations in Windows 10 must be configured for lync.exe - OverrideDEP
  • WN10-EP-000170 - Exploit Protection mitigations in Windows 10 must be configured for lync.exe - OverrideEnableExportAddressFilter
  • WN10-EP-000170 - Exploit Protection mitigations in Windows 10 must be configured for lync.exe - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000170 - Exploit Protection mitigations in Windows 10 must be configured for lync.exe - OverrideEnableImportAddressFilter
  • WN10-EP-000170 - Exploit Protection mitigations in Windows 10 must be configured for lync.exe - OverrideEnableRopCallerCheck
  • WN10-EP-000170 - Exploit Protection mitigations in Windows 10 must be configured for lync.exe - OverrideEnableRopSimExec
  • WN10-EP-000170 - Exploit Protection mitigations in Windows 10 must be configured for lync.exe - OverrideEnableRopStackPivot
  • WN10-EP-000180 - Exploit Protection mitigations in Windows 10 must be configured for MSACCESS.EXE - ForceRelocateImages
  • WN10-EP-000180 - Exploit Protection mitigations in Windows 10 must be configured for MSACCESS.EXE - OverrideDEP
  • WN10-EP-000180 - Exploit Protection mitigations in Windows 10 must be configured for MSACCESS.EXE - OverrideEnableExportAddressFilter
  • WN10-EP-000180 - Exploit Protection mitigations in Windows 10 must be configured for MSACCESS.EXE - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000180 - Exploit Protection mitigations in Windows 10 must be configured for MSACCESS.EXE - OverrideEnableImportAddressFilter
  • WN10-EP-000180 - Exploit Protection mitigations in Windows 10 must be configured for MSACCESS.EXE - OverrideEnableRopCallerCheck
  • WN10-EP-000180 - Exploit Protection mitigations in Windows 10 must be configured for MSACCESS.EXE - OverrideEnableRopSimExec
  • WN10-EP-000180 - Exploit Protection mitigations in Windows 10 must be configured for MSACCESS.EXE - OverrideEnableRopStackPivot
  • WN10-EP-000190 - Exploit Protection mitigations in Windows 10 must be configured for MSPUB.EXE - ForceRelocateImages
  • WN10-EP-000190 - Exploit Protection mitigations in Windows 10 must be configured for MSPUB.EXE - OverrideDEP
  • WN10-EP-000190 - Exploit Protection mitigations in Windows 10 must be configured for MSPUB.EXE - OverrideEnableExportAddressFilter
  • WN10-EP-000190 - Exploit Protection mitigations in Windows 10 must be configured for MSPUB.EXE - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000190 - Exploit Protection mitigations in Windows 10 must be configured for MSPUB.EXE - OverrideEnableImportAddressFilter
  • WN10-EP-000190 - Exploit Protection mitigations in Windows 10 must be configured for MSPUB.EXE - OverrideEnableRopCallerCheck
  • WN10-EP-000190 - Exploit Protection mitigations in Windows 10 must be configured for MSPUB.EXE - OverrideEnableRopSimExec
  • WN10-EP-000190 - Exploit Protection mitigations in Windows 10 must be configured for MSPUB.EXE - OverrideEnableRopStackPivot
  • WN10-EP-000200 - Exploit Protection mitigations in Windows 10 must be configured for OIS.EXE - OverrideDEP
  • WN10-EP-000200 - Exploit Protection mitigations in Windows 10 must be configured for OIS.EXE - OverrideEnableExportAddressFilter
  • WN10-EP-000200 - Exploit Protection mitigations in Windows 10 must be configured for OIS.EXE - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000200 - Exploit Protection mitigations in Windows 10 must be configured for OIS.EXE - OverrideEnableImportAddressFilter
  • WN10-EP-000200 - Exploit Protection mitigations in Windows 10 must be configured for OIS.EXE - OverrideEnableRopCallerCheck
  • WN10-EP-000200 - Exploit Protection mitigations in Windows 10 must be configured for OIS.EXE - OverrideEnableRopSimExec
  • WN10-EP-000200 - Exploit Protection mitigations in Windows 10 must be configured for OIS.EXE - OverrideEnableRopStackPivot
  • WN10-EP-000220 - Exploit Protection mitigations in Windows 10 must be configured for OUTLOOK.EXE - ForceRelocateImages
  • WN10-EP-000220 - Exploit Protection mitigations in Windows 10 must be configured for OUTLOOK.EXE - OverrideDEP
  • WN10-EP-000220 - Exploit Protection mitigations in Windows 10 must be configured for OUTLOOK.EXE - OverrideEnableExportAddressFilter
  • WN10-EP-000220 - Exploit Protection mitigations in Windows 10 must be configured for OUTLOOK.EXE - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000220 - Exploit Protection mitigations in Windows 10 must be configured for OUTLOOK.EXE - OverrideEnableImportAddressFilter
  • WN10-EP-000220 - Exploit Protection mitigations in Windows 10 must be configured for OUTLOOK.EXE - OverrideEnableRopCallerCheck
  • WN10-EP-000220 - Exploit Protection mitigations in Windows 10 must be configured for OUTLOOK.EXE - OverrideEnableRopSimExec
  • WN10-EP-000220 - Exploit Protection mitigations in Windows 10 must be configured for OUTLOOK.EXE - OverrideEnableRopStackPivot
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe - Enabled
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe - ExportAddressFilter
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe - ExportAddressFilterPlus
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe - ImportAddressFilter
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe - OverrideEnableExportAddressFilter
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe - OverrideEnableImportAddressFilter
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe - OverrideEnableRopCallerCheck
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe - OverrideEnableRopSimExec
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe - OverrideEnableRopStackPivot
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe - RopCallerCheck
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe - RopSimExec
  • WN10-EP-000230 - Exploit Protection mitigations in Windows 10 must be configured for plugin-container.exe - RopStackPivot
  • WN10-EP-000240 - Exploit Protection mitigations in Windows 10 must be configured for POWERPNT.EXE - ForceRelocateImages
  • WN10-EP-000240 - Exploit Protection mitigations in Windows 10 must be configured for POWERPNT.EXE - OverrideDEP
  • WN10-EP-000240 - Exploit Protection mitigations in Windows 10 must be configured for POWERPNT.EXE - OverrideEnableExportAddressFilter
  • WN10-EP-000240 - Exploit Protection mitigations in Windows 10 must be configured for POWERPNT.EXE - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000240 - Exploit Protection mitigations in Windows 10 must be configured for POWERPNT.EXE - OverrideEnableImportAddressFilter
  • WN10-EP-000240 - Exploit Protection mitigations in Windows 10 must be configured for POWERPNT.EXE - OverrideEnableRopCallerCheck
  • WN10-EP-000240 - Exploit Protection mitigations in Windows 10 must be configured for POWERPNT.EXE - OverrideEnableRopSimExec
  • WN10-EP-000240 - Exploit Protection mitigations in Windows 10 must be configured for POWERPNT.EXE - OverrideEnableRopStackPivot
  • WN10-EP-000250 - Exploit Protection mitigations in Windows 10 must be configured for PPTVIEW.EXE - ForceRelocateImages
  • WN10-EP-000250 - Exploit Protection mitigations in Windows 10 must be configured for PPTVIEW.EXE - OverrideDEP
  • WN10-EP-000250 - Exploit Protection mitigations in Windows 10 must be configured for PPTVIEW.EXE - OverrideEnableExportAddressFilter
  • WN10-EP-000250 - Exploit Protection mitigations in Windows 10 must be configured for PPTVIEW.EXE - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000250 - Exploit Protection mitigations in Windows 10 must be configured for PPTVIEW.EXE - OverrideEnableImportAddressFilter
  • WN10-EP-000250 - Exploit Protection mitigations in Windows 10 must be configured for PPTVIEW.EXE - OverrideEnableRopCallerCheck
  • WN10-EP-000250 - Exploit Protection mitigations in Windows 10 must be configured for PPTVIEW.EXE - OverrideEnableRopSimExec
  • WN10-EP-000250 - Exploit Protection mitigations in Windows 10 must be configured for PPTVIEW.EXE - OverrideEnableRopStackPivot
  • WN10-EP-000260 - Exploit Protection mitigations in Windows 10 must be configured for VISIO.EXE - ForceRelocateImages
  • WN10-EP-000260 - Exploit Protection mitigations in Windows 10 must be configured for VISIO.EXE - OverrideDEP
  • WN10-EP-000260 - Exploit Protection mitigations in Windows 10 must be configured for VISIO.EXE - OverrideEnableExportAddressFilter
  • WN10-EP-000260 - Exploit Protection mitigations in Windows 10 must be configured for VISIO.EXE - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000260 - Exploit Protection mitigations in Windows 10 must be configured for VISIO.EXE - OverrideEnableImportAddressFilter
  • WN10-EP-000260 - Exploit Protection mitigations in Windows 10 must be configured for VISIO.EXE - OverrideEnableRopCallerCheck
  • WN10-EP-000260 - Exploit Protection mitigations in Windows 10 must be configured for VISIO.EXE - OverrideEnableRopSimExec
  • WN10-EP-000260 - Exploit Protection mitigations in Windows 10 must be configured for VISIO.EXE - OverrideEnableRopStackPivot
  • WN10-EP-000270 - Exploit Protection mitigations in Windows 10 must be configured for VPREVIEW.EXE - ForceRelocateImages
  • WN10-EP-000270 - Exploit Protection mitigations in Windows 10 must be configured for VPREVIEW.EXE - OverrideDEP
  • WN10-EP-000270 - Exploit Protection mitigations in Windows 10 must be configured for VPREVIEW.EXE - OverrideEnableExportAddressFilter
  • WN10-EP-000270 - Exploit Protection mitigations in Windows 10 must be configured for VPREVIEW.EXE - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000270 - Exploit Protection mitigations in Windows 10 must be configured for VPREVIEW.EXE - OverrideEnableImportAddressFilter
  • WN10-EP-000270 - Exploit Protection mitigations in Windows 10 must be configured for VPREVIEW.EXE - OverrideEnableRopCallerCheck
  • WN10-EP-000270 - Exploit Protection mitigations in Windows 10 must be configured for VPREVIEW.EXE - OverrideEnableRopSimExec
  • WN10-EP-000270 - Exploit Protection mitigations in Windows 10 must be configured for VPREVIEW.EXE - OverrideEnableRopStackPivot
  • WN10-EP-000280 - Exploit Protection mitigations in Windows 10 must be configured for WINWORD.EXE - ForceRelocateImages
  • WN10-EP-000280 - Exploit Protection mitigations in Windows 10 must be configured for WINWORD.EXE - OverrideDEP
  • WN10-EP-000280 - Exploit Protection mitigations in Windows 10 must be configured for WINWORD.EXE - OverrideEnableExportAddressFilter
  • WN10-EP-000280 - Exploit Protection mitigations in Windows 10 must be configured for WINWORD.EXE - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000280 - Exploit Protection mitigations in Windows 10 must be configured for WINWORD.EXE - OverrideEnableImportAddressFilter
  • WN10-EP-000280 - Exploit Protection mitigations in Windows 10 must be configured for WINWORD.EXE - OverrideEnableRopCallerCheck
  • WN10-EP-000280 - Exploit Protection mitigations in Windows 10 must be configured for WINWORD.EXE - OverrideEnableRopSimExec
  • WN10-EP-000280 - Exploit Protection mitigations in Windows 10 must be configured for WINWORD.EXE - OverrideEnableRopStackPivot
  • WN10-EP-000290 - Exploit Protection mitigations in Windows 10 must be configured for wmplayer.exe - OverrideDEP
  • WN10-EP-000290 - Exploit Protection mitigations in Windows 10 must be configured for wmplayer.exe - OverrideEnableExportAddressFilter
  • WN10-EP-000290 - Exploit Protection mitigations in Windows 10 must be configured for wmplayer.exe - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000290 - Exploit Protection mitigations in Windows 10 must be configured for wmplayer.exe - OverrideEnableImportAddressFilter
  • WN10-EP-000290 - Exploit Protection mitigations in Windows 10 must be configured for wmplayer.exe - OverrideEnableRopCallerCheck
  • WN10-EP-000290 - Exploit Protection mitigations in Windows 10 must be configured for wmplayer.exe - OverrideEnableRopSimExec
  • WN10-EP-000290 - Exploit Protection mitigations in Windows 10 must be configured for wmplayer.exe - OverrideEnableRopStackPivot
  • WN10-EP-000300 - Exploit Protection mitigations in Windows 10 must be configured for wordpad.exe - OverrideDEP
  • WN10-EP-000300 - Exploit Protection mitigations in Windows 10 must be configured for wordpad.exe - OverrideEnableExportAddressFilter
  • WN10-EP-000300 - Exploit Protection mitigations in Windows 10 must be configured for wordpad.exe - OverrideEnableExportAddressFilterPlus
  • WN10-EP-000300 - Exploit Protection mitigations in Windows 10 must be configured for wordpad.exe - OverrideEnableImportAddressFilter
  • WN10-EP-000300 - Exploit Protection mitigations in Windows 10 must be configured for wordpad.exe - OverrideEnableRopCallerCheck
  • WN10-EP-000300 - Exploit Protection mitigations in Windows 10 must be configured for wordpad.exe - OverrideEnableRopSimExec
  • WN10-EP-000300 - Exploit Protection mitigations in Windows 10 must be configured for wordpad.exe - OverrideEnableRopStackPivot
Revision 1.3

Jul 30, 2021

Functional Update
  • WN10-CC-000068 - Windows 10 must be configured to enable Remote host allows delegation of non-exportable credentials.
  • WN10-CC-000210 - The Windows Defender SmartScreen for Explorer must be enabled.
  • WN10-CC-000238 - Windows 10 must be configured to prevent certificate error overrides in Microsoft Edge.
  • WN10-CC-000252 - Windows 10 must be configured to disable Windows Game Recording and Broadcasting.
Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.2

Jun 22, 2021

Functional Update
  • WN10-AU-000515 - Windows 10 permissions for the Application event log must prevent access by non-privileged accounts.
  • WN10-AU-000520 - Windows 10 permissions for the Security event log must prevent access by non-privileged accounts.
  • WN10-AU-000525 - Windows 10 permissions for the System event log must prevent access by non-privileged accounts.
  • WN10-CC-000068 - Windows 10 must be configured to enable Remote host allows delegation of non-exportable credentials.
  • WN10-CC-000210 - The Windows Defender SmartScreen for Explorer must be enabled.
  • WN10-CC-000238 - Windows 10 must be configured to prevent certificate error overrides in Microsoft Edge.
  • WN10-CC-000252 - Windows 10 must be configured to disable Windows Game Recording and Broadcasting.
Revision 1.1

Jun 17, 2021

Functional Update
  • WN10-CC-000068 - Windows 10 must be configured to enable Remote host allows delegation of non-exportable credentials.
  • WN10-CC-000210 - The Windows Defender SmartScreen for Explorer must be enabled.
  • WN10-CC-000238 - Windows 10 must be configured to prevent certificate error overrides in Microsoft Edge.
  • WN10-CC-000252 - Windows 10 must be configured to disable Windows Game Recording and Broadcasting.
Miscellaneous
  • Metadata updated.
  • References updated.