Enabling and disabling exploit prevention

An exploit is program code that uses some kind of vulnerability in the system or software. Exploits are often used to install malware on the computer without the user’s knowledge. See also: Knowledge Base.

Exploit Prevention is enabled by default. You can disable Exploit Prevention, if necessary.

To enable or disable the Exploit Prevention via Kaspersky Security Center:

  1. Open Kaspersky Security Center Administration Console.
  2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
  3. In the workspace, select the Policies tab.
  4. Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
  5. In the Light Agent for Windows policy properties window, select the System Watcher section in the list on the left.

    In the right part of the window, the System Watcher component's settings are displayed.

  6. In the General settings section, perform one of the following actions:
    • Select the Enable Exploit Prevention check box if you want Kaspersky Security to monitor executable files that are run by vulnerable applications.

      If Kaspersky Security detects that an executable file from a vulnerable application was run by something other than the user, it blocks this file from running.

    • Clear the Enable Exploit Prevention check box if you do not want Kaspersky Security to monitor executable files that are run by vulnerable applications.
  7. Click the Apply button.

To enable or disable the Exploit Prevention in local interface:

  1. On the protected virtual machine, open the application settings window.
  2. In the left part of the window, in the Anti-Virus protection section, select System Watcher.

    In the right part of the window, the System Watcher component's settings are displayed.

    If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.

  3. Do one of the following:
    • Select the Enable Exploit Prevention check box if you want Kaspersky Security to monitor executable files that are run by vulnerable applications.

      If Kaspersky Security detects that an executable file from a vulnerable application was run by something other than the user, it blocks this file from running.

    • Clear the Enable Exploit Prevention check box if you do not want Kaspersky Security to monitor executable files that are run by vulnerable applications.
  4. To save changes, click the Save button.
Page top