search

Harvester57 / Security-ADMX

Custom ADMX template focused on hardening Windows 10 & Windows 11 systems
74 stars 8 forks source link

T1553.004: Add "Prevent non-administrator users to add Root certificates" parameter #7

Closed Harvester57 closed 1 year ago

Harvester57 commented 2 years ago

Cf. https://attack.mitre.org/techniques/T1553/004/ & https://posts.specterops.io/code-signing-certificate-cloning-attacks-and-defenses-6f98657fc6ec

HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\ProtectedRoots - Flags (REG_DWORD) - 1

Harvester57 commented 1 year ago

Added in https://github.com/Harvester57/Security-ADMX/commit/f5a2e22a0e9513f78c5d536246665e63d1a558ae (finally...)