Support

Support for business applications

Kaspersky Security 11.x for Windows Server

Exploit Prevention

Managing Exploit Prevention via the Application Console

Adding a process to the protection scope

Kaspersky Security 11.x for Windows Server
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools

Adding a process to the protection scope

June 10, 2022

ID 179844

Save as PDF

The Exploit Prevention component protects several processes by default. You can uncheck the processes that you don't want to protect in the list of protected processes.

To add a process to the list of protected processes:

  1. Open the Processes protection settings window.
  2. To add a process to protect it from abuse and to reduce the potential impact of an exploit, perform the following actions:
    1. Click the Browse button.

      The standard Microsoft Windows Open window opens.

    2. In the window that opens select a process you want to add to the list.
    3. Click the Open button.
    4. Click the Add button.

      The process will be added to the list of protected processes.

  3. Select a process in the list.
  4. The current configuration is displayed on the Process protection settings tab:
    • Process name.
    • Is being executed.
    • Exploit prevention techniques applied.
    • Attack Surface Reduction settings.
  5. To modify the exploit prevention techniques that are applied to the process, select the Exploit prevention techniques tab.
  6. Select one of the options for applying impact reduction techniques:
    • Apply all available exploit prevention techniques.

      If this option is selected, the list cannot be edited. By default, all available techniques are applied to a process.

    • Apply listed exploit prevention techniques for the process.

      If this option is selected, you can edit the list of impact reduction techniques applied:

      1. Select the check boxes next to the techniques that you want to apply to protect the selected process.
  7. Configure settings for the Attack Surface Reduction technique:
    • Enter the names of the modules whose launch will be blocked from the protected process in the Deny modules field.
    • In the Do not deny modules if launched in the Internet Zone section, select the check boxes next to the options for which you want to allow modules to be launched:
      • Internet
      • Local intranet
      • Trusted URL
      • Restricted sites
      • Computer

      These settings only apply to Internet Explorer®.

  8. Click Save.

The process is added to the task protection scope.

Kaspersky Security for Windows Server: Prompt detection of all kinds of threats
Launch control and exploit prevention for businesses of all sizes. Buy as part of Endpoint Security for Business Advanced.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.