PROCESS_MITIGATION_POLICY enumeration (winnt.h)
Represents the different process mitigation policies.
Syntax
typedef enum _PROCESS_MITIGATION_POLICY {
ProcessDEPPolicy,
ProcessASLRPolicy,
ProcessDynamicCodePolicy,
ProcessStrictHandleCheckPolicy,
ProcessSystemCallDisablePolicy,
ProcessMitigationOptionsMask,
ProcessExtensionPointDisablePolicy,
ProcessControlFlowGuardPolicy,
ProcessSignaturePolicy,
ProcessFontDisablePolicy,
ProcessImageLoadPolicy,
ProcessSystemCallFilterPolicy,
ProcessPayloadRestrictionPolicy,
ProcessChildProcessPolicy,
ProcessSideChannelIsolationPolicy,
ProcessUserShadowStackPolicy,
ProcessRedirectionTrustPolicy,
ProcessUserPointerAuthPolicy,
ProcessSEHOPPolicy,
MaxProcessMitigationPolicy
} PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY;
Constants
ProcessDEPPolicyThe data execution prevention (DEP) policy of the process. |
ProcessASLRPolicyThe Address Space Layout Randomization (ASLR) policy of the process. |
ProcessDynamicCodePolicyThe policy that turns off the ability of the process to generate dynamic code or modify existing executable code. |
ProcessStrictHandleCheckPolicyThe process will receive a fatal error if it manipulates an invalid handle. Useful for preventing downstream problems in a process due to handle misuse. |
ProcessSystemCallDisablePolicyDisables the ability to use NTUser/GDI functions at the lowest layer. |
ProcessMitigationOptionsMaskReturns the mask of valid bits for all the mitigation options on the system. An application can set many mitigation options without querying the operating system for mitigation options by combining bitwise with the mask to exclude all non-supported bits at once. |
ProcessExtensionPointDisablePolicyThe policy that prevents some built-in third party extension points from being turned on, which prevents legacy extension point DLLs from being loaded into the process. |
ProcessControlFlowGuardPolicyThe Control Flow Guard (CFG) policy of the process. |
ProcessSignaturePolicyThe policy of a process that can restrict image loading to those images that are either signed by Microsoft, by the Windows Store, or by Microsoft, the Windows Store and the Windows Hardware Quality Labs (WHQL). |
ProcessFontDisablePolicyThe policy that turns off the ability of the process to load non-system fonts. |
ProcessImageLoadPolicyThe policy that turns off the ability of the process to load images from some locations, such a remote devices or files that have the low mandatory label. |
ProcessSystemCallFilterPolicyThe system call filter policy of the process. |
ProcessPayloadRestrictionPolicyThe payload restriction policy of the process. |
ProcessChildProcessPolicyThe child process policy of the process. |
ProcessSideChannelIsolationPolicyThe side channel isolation policy of the process. |
ProcessUserShadowStackPolicyWindows 10, version 2004 and above: The policy regarding user-mode Hardware-enforced Stack Protection for the process. |
ProcessRedirectionTrustPolicyThe RedirectionGuard policy of the process. |
ProcessUserPointerAuthPolicyThe user pointer authentication policy of the process. |
ProcessSEHOPPolicyThe Structured Exception Handling Overwrite Protection (SEHOP) policy of the process. |
MaxProcessMitigationPolicyEnds the enumeration. |
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 8 [desktop apps only] |
| Minimum supported server | Windows Server 2012 [desktop apps only] |
| Header | winnt.h (include Windows.h) |
See also
GetProcessMitigationPolicy function, SetProcessMitigationPolicy function
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for