Information
Without heap termination on corruption, legacy plug-in applications may continue to function when a File Explorer session has become corrupt. Ensuring that heap termination on corruption is active will prevent this.
The recommended state for this setting is: Disabled.
Rationale:
Allowing an application to function after its session has become corrupt increases the risk posture to the system.
Solution
To establish the recommended configuration via GP, set the following UI path to Disabled:
Computer Configuration\Policies\Administrative Templates\Windows Components\File Explorer\Turn off heap termination on corruption
Note: This Group Policy path is provided by the Group Policy template Explorer.admx/adml that is included with all versions of the Microsoft Windows Administrative Templates.
Impact:
None - this is the default behavior.
Default Value:
Disabled. (Heap termination on corruption is enabled.)
References:
1. CCE-33745-1