SetProcessMitigationPolicy function (processthreadsapi.h)

Sets a mitigation policy for the calling process. Mitigation policies enable a process to harden itself against various types of attacks.

Syntax

BOOL SetProcessMitigationPolicy(
  [in] PROCESS_MITIGATION_POLICY MitigationPolicy,
  [in] PVOID                     lpBuffer,
  [in] SIZE_T                    dwLength
);

Parameters

[in] MitigationPolicy

The mitigation policy to apply. This parameter can be one of the following values.

Value Meaning
ProcessDEPPolicy The data execution prevention (DEP) policy of the process.
The lpBuffer parameter points to a PROCESS_MITIGATION_DEP_POLICY structure that specifies the DEP policy flags.
ProcessASLRPolicy The Address Space Layout Randomization (ASLR) policy of the process.
The lpBuffer parameter points to a PROCESS_MITIGATION_ASLR_POLICY structure that specifies the ASLR policy flags.
ProcessDynamicCodePolicy The dynamic code policy of the process. When turned on, the process cannot generate dynamic code or modify existing executable code.
The lpBuffer parameter points to a PROCESS_MITIGATION_DYNAMIC_CODE_POLICY structure that specifies the dynamic code policy flags.
ProcessStrictHandleCheckPolicy The process will receive a fatal error if it manipulates a handle that is not valid.
The lpBuffer parameter points to a PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY structure that specifies the handle check policy flags.
ProcessSystemCallDisablePolicy Disables the ability to use NTUser/GDI functions at the lowest layer.
The lpBuffer parameter points to a PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY structure that specifies the system call disable policy flags.
ProcessMitigationOptionsMask Returns the mask of valid bits for all the mitigation options on the system. An application can set many mitigation options without querying the operating system for mitigation options by combining bitwise with the mask to exclude all non-supported bits at once.
The lpBuffer parameter points to a ULONG64 bit vector for the mask, or to accommodate more than 64 bits, a two-element array of ULONG64 bit vectors.
ProcessExtensionPointDisablePolicy The lpBuffer parameter points to a PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY structure that specifies the extension point disable policy flags.
ProcessControlFlowGuardPolicy The Control Flow Guard (CFG) policy of the process.
The lpBuffer parameter points to a PROCESS_MITIGATION_CONTROL_FLOW_GUARD_POLICY structure that specifies the CFG policy flags.
ProcessSignaturePolicy The policy of a process that can restrict image loading to those images that are either signed by Microsoft, by the Windows Store, or by Microsoft, the Windows Store and the Windows Hardware Quality Labs (WHQL).
he lpBuffer parameter points to a PROCESS_MITIGATION_BINARY_SIGNATURE_POLICY structure that specifies the signature policy flags.
ProcessFontDisablePolicy The policy regarding font loading for the process. When turned on, the process cannot load non-system fonts.
The lpBuffer parameter points to a PROCESS_MITIGATION_FONT_DISABLE_POLICY structure that specifies the policy flags for font loading.
ProcessImageLoadPolicy The policy regarding image loading for the process, which determines the types of executable images that are allowed to be mapped into the process. When turned on, images cannot be loaded from some locations, such a remote devices or files that have the low mandatory label.
The lpBuffer parameter points to a PROCESS_MITIGATION_IMAGE_LOAD_POLICY structure that specifies the policy flags for image loading.
ProcessRedirectionTrustPolicy The RedirectionGuard policy of a process. The lpBuffer parameter points to a PROCESS_MITIGATION_REDIRECTION_TRUST_POLICY structure that specifies the mitigation mode.
ProcessSideChannelIsolationPolicy Windows 10, version 1809 and above: The policy regarding isolation of side channels for the specified process.
The lpBuffer parameter points to a PROCESS_MITIGATION_SIDE_CHANNEL_ISOLATION_POLICY structure that specifies the policy flags for side channel isolation.
ProcessUserShadowStackPolicy Windows 10, version 2004 and above: The policy regarding user-mode Hardware-enforced Stack Protection for the process.
The lpBuffer parameter points to a PROCESS_MITIGATION_USER_SHADOW_STACK_POLICY structure that specifies the policy flags for user-mode Hardware-enforced Stack Protection.

[in] lpBuffer

If the MitigationPolicy parameter is ProcessDEPPolicy, this parameter points to a PROCESS_MITIGATION_DEP_POLICY structure that specifies the DEP policy flags.

If the MitigationPolicy parameter is ProcessASLRPolicy, this parameter points to a PROCESS_MITIGATION_ASLR_POLICY structure that specifies the ASLR policy flags.

If the MitigationPolicy parameter is ProcessImageLoadPolicy, this parameter points to a PROCESS_MITIGATION_IMAGE_LOAD_POLICY structure that receives the policy flags for image loading.

If the MitigationPolicy parameter is ProcessStrictHandleCheckPolicy, this parameter points to a PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY structure that specifies the handle check policy flags.

If the MitigationPolicy parameter is ProcessSystemCallDisablePolicy, this parameter points to a PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY structure that specifies the system call disable policy flags.

If the MitigationPolicy parameter is ProcessMitigationOptionsMask, this parameter points to a ULONG64 bit vector for the mask, or to accommodate more than 64 bits, a two-element array of ULONG64 bit vectors.

If the MitigationPolicy parameter is ProcessExtensionPointDisablePolicy, this parameter points to a PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY structure that specifies the extension point disable policy flags.

If the MitigationPolicy parameter is ProcessControlFlowGuardPolicy, this parameter points to a PROCESS_MITIGATION_CONTROL_FLOW_GUARD_POLICY structure that specifies the CFG policy flags.

If the MitigationPolicy parameter is ProcessSignaturePolicy, this parameter points to a PROCESS_MITIGATION_BINARY_SIGNATURE_POLICY structure that specifies the signature policy flags.

If the MitigationPolicy parameter is ProcessFontDisablePolicy, this parameter points to a PROCESS_MITIGATION_FONT_DISABLE_POLICY structure that specifies the policy flags for font loading.

If the MitigationPolicy parameter is ProcessImageLoadPolicy, this parameter points to a PROCESS_MITIGATION_IMAGE_LOAD_POLICY structure that specifies the policy flags for image loading.

If the MitigationPolicy parameter is ProcessRedirectionTrustPolicy, this parameter points to a PROCESS_MITIGATION_REDIRECTION_TRUST_POLICY structure that specifies the mitigation mode.

If the MitigationPolicy parameter is ProcessUserShadowStackPolicy, this parameter points to a PROCESS_MITIGATION_USER_SHADOW_STACK_POLICY structure that specifies the policy flags for user-mode Hardware-enforced Stack Protection.

[in] dwLength

The size of lpBuffer, in bytes.

Return value

If the function succeeds, it returns TRUE. If the function fails, it returns FALSE. To retrieve error values defined for this function, call GetLastError.

Remarks

Setting mitigation policy for a process helps prevent an attacker from exploiting security vulnerabilities. Use the SetProcessMitigationPolicy function to enable or disable security mitigation programmatically.

For maximum effectiveness, mitigation policies should be applied before or during process initialization. For example, setting the ASLR policy that enables forced relocation of images is effective only if it is applied before all of the images in a process have been loaded.

ASLR mitigation policies cannot be made less restrictive after they have been applied.

To compile an application that uses this function, set _WIN32_WINNT >= 0x0602. For more information, see Using the Windows Headers.

Requirements

Requirement Value
Minimum supported client Windows 8 [desktop apps only]
Minimum supported server Windows Server 2012 [desktop apps only]
Target Platform Windows
Header processthreadsapi.h
Library Kernel32.lib
DLL Kernel32.dll