Exclude events from exploit prevention

You can exclude applications and exploit prevention events from exploit prevention by selecting specific events from the event viewer.

  1. On the Events menu, click Exploit Prevention Events.
    The Event Viewer dialog box appears.
  2. If you want to display only certain events, in the Search criteria pane, set the filters as appropriate and click Search to display the events.

    For more information, see View exploit prevention events.

  3. Click on an event then click Exclude.
    The Exploit Prevention Exclusions dialog box appears.
  4. Click the policy you want to change. To change the settings for all policies, click Select All.
  5. Under the Exploit event or Application section, click Exclude.
  6. Click OK.

The exploit prevention event or application will be excluded from exploit prevention for the policies selected.