Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
When using Deploy-SignedWDACConfig to sign and deploy a WDAC policy, you will only see the prompt asking to add the signed policy to the user configurations, if the policy you are signing and deploying is a base policy.
Improved Temp folder path detection to be more secure and resilient.
Improved User profile directory detection to be more secure.
In New-SupplementalWDACConfig cmdlet, changed the parameter name -FilePathWildCards to PathWildCards to better reflect its purpose.
In New-SupplementalWDACConfig cmdlet, changed the parameter name -WildCardPath to FolderPath to better reflect its purpose.
Added GUI for New-SupplementalWDACConfig -PathWildCards -Path, it automatically adds a * wildcard at the end of the path and you can add extra wildcards to anywhere in the selected folder path too.
Made the generated policy file names and policy names consistent across all WDACConfig module's cmdlets.
When using -Deploy parameter with New-SupplementalWDACConfig cmdlet, if the selected base policy is a Signed policy, you will see an error stating that you should use Deploy-SignedWDACConfig cmdlet to deploy Signed policies.
Removed the manual MDAV scan of the UserConfigurations.json file since Defender already scans all of the files on access.
Relocated some of the parameters of the Set-CommonWDACConfig cmdlet to be easier to work with.
Improved some console output spacing for New-WDACConfig cmdlet.
TL/TR
This update improves the overall experience of the WDACConfig module, makes it easier to work with and implements various new checks to ensure user error is minimal. The goal is to minimize accidental user errors as much as possible by implementing useful and intelligent checks in multiple parts of the module.
What's Changed
Deploy-SignedWDACConfigto sign and deploy a WDAC policy, you will only see the prompt asking to add the signed policy to the user configurations, if the policy you are signing and deploying is a base policy.New-SupplementalWDACConfigcmdlet, changed the parameter name-FilePathWildCardstoPathWildCardsto better reflect its purpose.New-SupplementalWDACConfigcmdlet, changed the parameter name-WildCardPathtoFolderPathto better reflect its purpose.New-SupplementalWDACConfig -PathWildCards -Path, it automatically adds a*wildcard at the end of the path and you can add extra wildcards to anywhere in the selected folder path too.-Deployparameter withNew-SupplementalWDACConfigcmdlet, if the selected base policy is a Signed policy, you will see an error stating that you should useDeploy-SignedWDACConfigcmdlet to deploy Signed policies.UserConfigurations.jsonfile since Defender already scans all of the files on access.Set-CommonWDACConfigcmdlet to be easier to work with.New-WDACConfigcmdlet.TL/TR
This update improves the overall experience of the WDACConfig module, makes it easier to work with and implements various new checks to ensure user error is minimal. The goal is to minimize accidental user errors as much as possible by implementing useful and intelligent checks in multiple parts of the module.