Exploit Prevention

The Exploit Prevention component tracks executable files that are run by vulnerable applications. When there is an attempt to run an executable file from a vulnerable application that was not performed by the user, Kaspersky Endpoint Security blocks this file from running. Information about the blocked launch of the executable file is stored in the Exploit Prevention report.

Exploit Prevention component settings

Parameter	Description
On detecting exploit	Block operation. If this option is selected, on detection of an exploit Kaspersky Endpoint Security blocks all operations attempted by the exploit. Inform. If this option is selected and an exploit is detected, Kaspersky Endpoint Security adds information about this exploit to the list of active threats.
System processes memory protection	If this toggle button is switched on, Kaspersky Endpoint Security blocks external processes that attempt to access system process memory.

See also: Managing the application via the local interface

Enabling and disabling Exploit Prevention

Configuring Exploit Prevention

Page top