Forum Discussion

Mughal1's avatar
Mughal1
Copper Contributor
Sep 02, 2021

Win2019 standalone baseline testing (lab)

Hello,   I'm running a Win2019 Core lab instance where I'm experimenting with the application of an SCT baseline to harden the system. The use case for the production rollout would be for an standa...
Rick_Munck's avatar
Rick_Munck
Icon for Microsoft rankMicrosoft
Nov 22, 2021
It looks like you are failing on the Exploit Protection portion of the script which we have removed from all baselines starting in the fall of 2019.
Ian-Cervantez-Volusion's avatar
Ian-Cervantez-Volusion
Copper Contributor
Apr 09, 2022

Rick_Munck Can you shed some light on where to get the latest baseline?  The version I downloaded said it was published on 3/4/2022.  It still has the following lines:

LogAndShowProgress "Installing Exploit Protection settings..."
# TODO: Some way to capture this output?
Set-ProcessMitigation -PolicyFilePath $rootDir\ConfigFiles\EP.xml

 

Based on your statement, it sounds like this has been removed from all baselines for a few years now??

 

I've downloaded it from https://www.microsoft.com/en-us/download/details.aspx?id=55319

  • Rick_Munck's avatar
    Rick_Munck
    Icon for Microsoft rankMicrosoft
    Apr 11, 2022

    Ian-Cervantez-Volusion it depends on what version you are referring to.  Starting in version 1909 we no longer include Exploit Protection settings.  The baselines are point in time and evolved with each version.  For 2019 I would recommend using the 20H2 baseline. 

Resources