Harvester57 / Security-ADMX

Custom ADMX template focused on hardening Windows 10 & Windows 11 systems

Disable standard user in safe boot mode parameter #5

Closed Harvester57 closed 2 years ago

Harvester57 commented 2 years ago

An adversary with standard user credentials that can boot into Microsoft Windows using Safe Mode, Safe Mode with Networking or Safe Mode with Command Prompt options may be able to bypass system protections and security functionality. To reduce this risk, users with standard credentials should be prevented from using Safe Mode options to log in.

The following registry entry can be implemented using Group Policy preferences to prevent non-administrators from using Safe Mode options.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

SafeModeBlockNonAdmins

REG_DWORD 0x00000001 (1)

Taken from: https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-microsoft-windows-10-version-21h1-workstations
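One way to audit the registry entry quoted above on a workstation, as an added example that is not part of the original issue or of the Security-ADMX project. The function name `Test-SafeModeBlockNonAdmins`, its `-Remediate` switch and the output object are hypothetical; the key, value name and data are the ones given in the comment.

```powershell
# Added example: audit (and optionally set) SafeModeBlockNonAdmins.
# Function name, -Remediate switch and output shape are hypothetical;
# the key, value name and data are the ones quoted in the issue.
function Test-SafeModeBlockNonAdmins {
    [CmdletBinding(SupportsShouldProcess)]
    param([switch]$Remediate)   # writing to HKLM needs an elevated session

    $path     = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $name     = 'SafeModeBlockNonAdmins'
    $expected = 1

    $state  = 'Missing'
    $actual = $null
    $key = Get-Item -LiteralPath $path -ErrorAction SilentlyContinue
    if ($key) {
        $actual = $key.GetValue($name, $null)
        if ($null -ne $actual) {
            # A value of the wrong type (e.g. REG_SZ "1") is not the documented setting.
            $kind = $key.GetValueKind($name)
            if ($kind -ne [Microsoft.Win32.RegistryValueKind]::DWord) { $state = "WrongType($kind)" }
            elseif ($actual -ne $expected)                             { $state = 'WrongValue' }
            else                                                       { $state = 'Compliant' }
        }
    }

    if ($Remediate -and $state -ne 'Compliant' -and
        $PSCmdlet.ShouldProcess("$path\$name", "Set REG_DWORD $expected")) {
        if (-not $key) { New-Item -Path $path -Force | Out-Null }
        # -Force replaces an existing value, including one with the wrong type.
        New-ItemProperty -LiteralPath $path -Name $name -PropertyType DWord `
            -Value $expected -Force | Out-Null
        $actual = (Get-ItemProperty -LiteralPath $path -Name $name).$name
        $state  = if ($actual -eq $expected) { 'Remediated' } else { 'Failed' }
    }

    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Value    = $actual
        State    = $state
    }
}

Test-SafeModeBlockNonAdmins   # read-only audit; add -Remediate -WhatIf to preview a change
```

On domain-joined machines a local change made with `-Remediate` is overwritten by whatever Group Policy delivers, so treat the audit result as the check on the policy and fix drift in the GPO.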

Harvester57 commented 2 years ago

Added in release v1.0.18 and commit https://github.com/Harvester57/Security-ADMX/commit/0bf49dcd4907a11d3a304cc982cb562482120c6e