github HotCakeX/Harden-Windows-Security HardenSystemSecurity-v1.0.33.0
Harden System Security v1.0.33.0
on GitHub

10 hours ago

What's New

  • Removed a policy from the Optional Overrides category, named Disabled "Configure password backup directory".

    • This is to increase compatibility with Windows Servers. This was the policy's description in the wiki document: Microsoft Security Baselines set its value to "Active Directory", but since the Harden System Security app does not apply to computers managed by domain controllers or Entra ID, there is no need for this policy to be active.

    • As part of addressing this feature request, the policy has been removed from the Optional Overrides category.

  • Added a new policy to the Optional Overrides category: Allow signing in through Remote Desktop Services. This will allow you to use Remote Desktop (RDP) locally to sign into your machine. For Device Usage intents, it only applies to Developer, Gaming and School intents. By default, all accounts can sign into the machine through Remote Desktop Services, but Microsoft Security Baselines set that policy to block for all kinds of accounts.

  • Fixed an issue in the Optional Windows Features category by adding the DismService.exe component of the Harden System Security app to Attack Surface Reduction rules exclusions, only for the duration of the app's runtime, which is automatically removed when you close the app. Please refer to my comment here for further explanation: #970 (comment)

  • Added "Delete" option to the right-click (or tap + hold) context menu of the Microsoft 365 Apps Security Baseline page. You can now select one or more Microsoft 365 apps policies and remove them individually. This offers greater flexibility in managing the policies compared to "Remove All" option, which removes all policies at once. This also means you can have a more customized device policy that you can then backup and restore on other devices.

  • Added "Delete" option to the right-click (or tap + hold) context menu of the Microsoft Security Baselines page. You can now select one or more Microsoft Security Baseline policies (Only those with types Group Policy or Audit Policy are supported) and remove them individually. This offers greater flexibility in managing the policies compared to "Remove All" option, which removes all policies at once. This also means you can have a more customized device policy that you can then backup and restore on other devices.

  • Added 3 new security measures to the Miscellaneous Category responsible for showing the extension of .url, .pif and .lnk files in File Explorer. Their file extensions are hidden even if you have set File Explorer to show file extensions for known file types. These measures will ensure that the file extensions of these files are always visible, enhancing security by making it easier to identify potentially malicious files. This mitigates security risks where attackers use hidden extensions to disguise phishing links or malicious redirects as safe documents. Program Information Files (PIF) function similarly to .exe files and are frequently used by attackers to hide malware behind a less familiar file type. Completes this feature request

PRs

How To Download

Check out latest releases or
releases around HotCakeX/Harden-Windows-Security HardenSystemSecurity-v1.0.33.0

Don't miss a new Harden-Windows-Security release

NewReleases is sending notifications on new releases.

Get notifications