Skip to content

Harden Windows Security v.0.7.1
Compare
Choose a tag to compare
@HotCakeX HotCakeX released this 02 Jan 18:29
· 66 commits to main since this release
Hardening-Module-v.0.7.1
3ea3b8d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's New

  • During the compliance checking, MDM results that are not used by the module are no longer collected, improving the performance and speed, especially on lower end hardware.

  • Adjusted the TLS Category's Intune Json config to match the new schema.

  • Added a new sub-category for the TLS category, called "TLS for BattleNet". When selected, the TLS category will deploy the group policy that has the extra cipher suite TLS_RSA_WITH_AES_256_CBC_SHA which is less secure but required for BattleNet client to connect to its servers. Fixes -> #489

    • This means BattleNet client is no longer automatically detected on the system because there are times when it's installed in non-default location. Now the user is in control to decide whether to use the extra cipher suite or not.

  • WDACConfig module is no longer used/installed for Downloads Defense Measures category. All the necessary logic for policy creation is now implemented natively. This substantially improves the performance and allows for full offline usage of this category and its sub-categories.

    • This also facilitates the deprecation of the WDACConfig module which is replaced with the new modern AppControl Manager.

PR: #494


Assets 2
Loading