HotCakeX / Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
https://hotcakex.github.io
MIT License

More process mitigations #112

Closed HotCakeX closed 1 year ago

HotCakeX commented 1 year ago

Changes so far

  1. Added process mitigations for WebView2 and Runtime Broker
  2. Removed unnecessary process mitigations for Edge and Acrobat Reader because they are enabled by default by the system (These changes are automatically applied when you run the Microsoft Defender category using the Harden Windows Security Module.)
  3. Added proper description for all of the executables in the process mitigations CSV file
  4. Removed direct paths from the process mitigations and instead rely only on file names; this can provide better security
  5. Temporarily changing the ProcessMitigations.csv file URL to the development branch for testing purposes
  6. Improved the description of the Harden Windows Security Module on PowerShell Gallery
  7. Removed DisableExtensionPoints for PrintDialog.exe and BlockDynamicCode for Regsvr32.exe. This change is necessary to make sure a special use case where you try to print from an RDP session to a printer on the host works fine. Process mitigations are only good if they do not cause usability issues, and this repository doesn't want to introduce any problems for the users; that's why those process mitigations are removed.
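
The two mitigations dropped in item 7 can be checked on a machine with the built-in `Get-ProcessMitigation` cmdlet. The script below is an added example, not code from this repository; the helper name `Get-StaleMitigation` and the `$Apply` switch are hypothetical, and it assumes the machine may still carry the per-image overrides from an earlier run.

```powershell
# Added example. The executable/mitigation pairs come from item 7 above;
# 'Group' is the Get-ProcessMitigation output section that holds each setting.
$Removed = @(
    [pscustomobject]@{ Name = 'PrintDialog.exe'; Group = 'ExtensionPoint'; Mitigation = 'DisableExtensionPoints' }
    [pscustomobject]@{ Name = 'Regsvr32.exe';    Group = 'DynamicCode';    Mitigation = 'BlockDynamicCode' }
)

function Get-StaleMitigation {
    # Hypothetical helper: reports whether a removed mitigation is still forced ON.
    param([Parameter(Mandatory)][object[]]$Entries)

    foreach ($Entry in $Entries) {
        # -Name reads the per-image override stored in the registry for that file name.
        $Policy = Get-ProcessMitigation -Name $Entry.Name -ErrorAction SilentlyContinue

        # More than one entry can match a file name, so collect every state as a string.
        $States = @(
            foreach ($P in @($Policy)) {
                if ($null -ne $P) { [string]$P.($Entry.Group).($Entry.Mitigation) }
            }
        )
        if ($States.Count -eq 0) { $States = @('NOTSET') }

        [pscustomobject]@{
            Name       = $Entry.Name
            Mitigation = $Entry.Mitigation
            State      = $States -join ','
            Stale      = $States -contains 'ON'
        }
    }
}

$Report = Get-StaleMitigation -Entries $Removed
$Report | Format-Table -AutoSize

# Read-only by default. Set $Apply to $true in an elevated session to switch off
# only the overrides that are still ON. -Disable writes an explicit OFF override
# for that one mitigation and leaves the other settings for the executable as-is.
$Apply = $false
if ($Apply) {
    foreach ($Item in $Report | Where-Object Stale) {
        Set-ProcessMitigation -Name $Item.Name -Disable $Item.Mitigation
    }
}
```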