search

HotCakeX / Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
https://hotcakex.github.io
MIT License
1.84k stars 143 forks source link

Fixed an error related to flash drive #155

Closed HotCakeX closed 1 year ago

HotCakeX commented 1 year ago

Using -ErrorAction SilentlyContinue with Get-BitLockerVolume cmdlet because after running the Microsoft Security baseline category, if there is a flash drive attached to the device, you "might" see this error in the BitLocker category:

Device Id: \\?\Volume{83196d59-0000-0000-0000-107d00000000}\ does not have a corresponding volume.

It only suppresses Non-terminating errors

The update will be released as part of the module soon as well.

The reason that error is thrown is that Microsoft Security Baselines apply a policy that forces all removable drives to be encrypted with BitLocker otherwise they will be read-only and have possibly other limitations.

That policy is reverted if you apply Microsoft Security Baselines with the optional overrides, but that's not enough for the Get-BitLockerVolume cmdlet and it still throws error, this is why it is now equipped with -ErrorAction SilentlyContinue to take care of this situation.

HotCakeX commented 1 year ago

When BitLocker's Personal Vault is unlocked, it will appear in Get-BitLockerVolume with a drive letter similar to the one above

\\?\Volume{a9bdb7be-0000-0000-0000-100000000000}\

We can see in the results of the Get-Volume that the drive belongs to OneDrive personal vault

image