search

Harvester57 / Security-ADMX

Custom ADMX template focused on hardening Windows 10 & Windows 11 systems
74 stars 8 forks source link

WinHttp TLS 1.2 only #16

Closed Deas-h closed 1 year ago

Deas-h commented 1 year ago

You currently don´t have this setting in your GPO, but I found it on a recent blog post. If we completely disable everything below TLS 1.2, I think this is missing to allow WinHttp to work only with TLS 1.2.

https://support.microsoft.com/en-us/topic/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-winhttp-in-windows-c4bd73d2-31d7-761e-0178-11268bb10392

Harvester57 commented 1 year ago

Good catch ! (and I read this article when it was published... :))

Will try to add the setting this weekend :)

Harvester57 commented 1 year ago

Sorry for the delay, I added the policy in v1.0.29, can you check if everything works as expected ?

Deas-h commented 1 year ago

NP - seems to do what it should. Thanks for your help! :)

Harvester57 commented 1 year ago

🎉🎉