Harden Windows Security v0.7.1 #494

Merged
merged 10 commits into from
Jan 2, 2025

HotCakeX
Owner

@HotCakeX HotCakeX commented Jan 2, 2025

What's New

  • During the compliance checking, MDM results that are not used by the module are no longer collected, improving the performance and speed, especially on lower-end hardware.

  • Adjusted the TLS Category's Intune JSON config to match the new schema.

  • Added a new sub-category for the TLS category, called "TLS for BattleNet". When selected, the TLS category will deploy the group policy that has the extra cipher suite TLS_RSA_WITH_AES_256_CBC_SHA, which is less secure but required for the BattleNet client to connect to its servers. Fixes -> [BUG?]: TLS Security fix for Battle.net not working #489

    • This means the BattleNet client is no longer automatically detected on the system because there are times when it's installed in a non-default location. Now the user is in control to decide whether to use the extra cipher suite or not.
  • WDACConfig module is no longer used/installed for Downloads Defense Measures category. All the necessary logic for policy creation is now implemented natively. This substantially improves the performance and allows for full offline usage of this category and its sub-categories.

    • This also facilitates the deprecation of the WDACConfig module which is replaced with the new modern AppControl Manager.

Updated TLS category Intune JSON Formatting because Intune's schema was updated.
Results of the MDM data that are not used by the module will no longer be collected, improving the compliance checking performance.
Added support for verifying keys that shouldn't exist.
Removing Optimize+ speeds up the compilation
No longer depends on WDACConfig, everything is included natively.
@HotCakeX HotCakeX marked this pull request as ready for review January 2, 2025 17:30
@Copilot Copilot bot review requested due to automatic review settings January 2, 2025 17:30

Copilot reviewed 6 out of 21 changed files in this pull request and generated no comments.

Files not reviewed (15)
  • Harden-Windows-Security Module/Main files/Harden-Windows-Security-Module.psd1: Language not supported
  • Harden-Windows-Security Module/Main files/Harden-Windows-Security-Module.psm1: Language not supported
  • Harden-Windows-Security Module/Main files/Resources/Dangerous-Script-Hosts-Blocking.xml: Language not supported
  • Harden-Windows-Security Module/Main files/Resources/Downloads-Defense-Measures.xml: Language not supported
  • Harden-Windows-Security Module/Main files/Resources/MDMResultClasses.csv: Language not supported
  • Harden-Windows-Security Module/Main files/Resources/Registry resources.csv: Language not supported
  • Harden-Windows-Security Module/Main files/Resources/XAML/Protect.xaml: Language not supported
  • Harden-Windows-Security Module/version.txt: Language not supported
  • Harden-Windows-Security Module/Main files/C#/Types/CiPolicyInfo.cs: Evaluated as low risk
  • Harden-Windows-Security Module/Main files/C#/GUI/Protection/Variables.cs: Evaluated as low risk
  • Harden-Windows-Security Module/Main files/C#/Unprotect Methods/UnprotectWindowsSecurity.cs: Evaluated as low risk
  • Harden-Windows-Security Module/Main files/C#/CimInstances/MDM.cs: Evaluated as low risk
  • Harden-Windows-Security Module/Main files/C#/GUI/Protection/EventHandlers.cs: Evaluated as low risk
  • Harden-Windows-Security Module/Main files/C#/Protect Methods/TLSSecurity.cs: Evaluated as low risk
  • Harden-Windows-Security Module/Main files/C#/Others/CategoryProcessing.cs: Evaluated as low risk
Comments suppressed due to low confidence (2)

Harden-Windows-Security Module/Main files/C#/Protect Methods/TLSSecurity_BattleNetClient.cs:17

  • [nitpick] The exception message could be more descriptive. Consider changing it to 'GlobalVars.path cannot be null in TLSSecurity_BattleNetClient method.'
throw new ArgumentNullException("GlobalVars.path cannot be null.");
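Review bot: In the `throw` on line 17, the single-string constructor `ArgumentNullException(string)` takes the parameter name rather than the message, so this sentence lands in the parameter-name slot of the rendered exception text. Use the two-argument overload, for example `new ArgumentNullException(nameof(GlobalVars.path), "...")`, or throw `InvalidOperationException` instead, since `TLSSecurity_BattleNetClient()` takes no arguments and `GlobalVars.path` is state rather than a parameter.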

Harden-Windows-Security Module/Main files/C#/Protect Methods/TLSSecurity_BattleNetClient.cs:12

  • The new behavior introduced by the TLSSecurity_BattleNetClient method is not covered by tests.
public static void TLSSecurity_BattleNetClient()
@HotCakeX HotCakeX merged commit 3ea3b8d into main Jan 2, 2025
3 checks passed
@HotCakeX HotCakeX deleted the Harden-Windows-Security-v0.7.1 branch January 2, 2025 18:24
Labels
Enhancement 💯 New feature or request
Development

Successfully merging this pull request may close these issues.

[BUG?]: TLS Security fix for Battle.net not working