HotCakeX / Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
https://hotcakex.github.io
MIT License

[Suggestion]: Add more documentation to the optional overrides for Microsoft Security Baseline #242

Closed hgj44d closed 3 months ago

hgj44d commented 3 months ago

I applied the Optional overrides for Microsoft Security Baseline with your PowerShell script, but now I want to disable all Xbox-related features in the optional overrides. This would be setting number 5 and setting number 7, but I was not able to find any information on where I can find the group policy or setting.

Can you please add more information to Number 5 and 7, so that I'm able to disable it?

Another suggestion would be to have the option in your PowerShell script to select which overrides should apply, because I could imagine that many people don't want to use their hardened, high-security computers for gaming.

HotCakeX commented 3 months ago

Hi, you can disable them by simply running the Microsoft Security baselines category (without optional overrides). After that, you can use the group policies I described in that page to hand-pick which overrides you want to apply, if any.

I added the PowerShell command to number 7, that's what the script uses to re-enable it. For number 5, you need to use the zip file; you will find the relevant files in the following folder:

Security-Baselines-X\Overrides for Microsoft Security Baseline\

The service statuses are set using group policy. You can use this article to open up .pol files.


People that don't want to use the hardened system for gaming can simply run the Microsoft Security baselines without optional overrides. It's not forced, there are options, but putting every single override in its own subcategory sounds unnecessary and messy, it would be as if I'm reinventing the group policy editor again.
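For readers who want to inspect a `.pol` file directly, as the reply above suggests, here is a minimal reader for the Registry.pol (PReg) layout: a `PReg` signature and version DWORD followed by UTF-16LE `[key;value;type;size;data]` records. It is an added example, not code from the Harden-Windows-Security project; the sample bytes, the `ExampleSvc` service name and all function names are constructed for illustration.

```python
import struct

REG_SZ, REG_EXPAND_SZ, REG_DWORD = 1, 2, 4

def _expect(buf, pos, ch):  # consume one UTF-16LE delimiter, return the next offset
    if buf[pos:pos + 2] != ch.encode("utf-16-le"):
        raise ValueError(f"expected {ch!r} at offset {pos}")
    return pos + 2

def _wstr(buf, pos):  # read a NUL-terminated UTF-16LE string -> (text, next offset)
    end = pos
    while buf[end:end + 2] != b"\x00\x00":
        if end + 2 > len(buf):
            raise ValueError("unterminated string")
        end += 2
    return buf[pos:end].decode("utf-16-le"), end + 2

def _decode(rtype, data):
    if rtype == REG_DWORD and len(data) == 4:
        return struct.unpack("<I", data)[0]
    if rtype in (REG_SZ, REG_EXPAND_SZ):
        return data.decode("utf-16-le").rstrip("\x00")
    return data  # other types are returned as raw bytes

def parse_pol(buf):  # -> [(key, value name, type, decoded data), ...]
    if len(buf) < 8 or buf[:4] != b"PReg" or struct.unpack_from("<I", buf, 4)[0] != 1:
        raise ValueError("not a PReg version 1 file")
    pos, out = 8, []
    while pos < len(buf):
        pos = _expect(buf, pos, "[")
        key, pos = _wstr(buf, pos)
        pos = _expect(buf, pos, ";")
        name, pos = _wstr(buf, pos)
        if len(buf) - pos < 14:
            raise ValueError("truncated entry")
        s1, rtype, s2, size, s3 = struct.unpack_from("<2sI2sI2s", buf, pos)  # ;type;size;
        if not s1 == s2 == s3 == b";\x00":
            raise ValueError(f"bad field separators at offset {pos}")
        data = buf[pos + 14:pos + 14 + size]
        pos = _expect(buf, pos + 14 + size, "]")
        out.append((key, name, rtype, _decode(rtype, data)))
    return out

def make_entry(key, name, rtype, data):  # build one record for the constructed sample
    head = f"[{key}\0;{name}\0;".encode("utf-16-le") + struct.pack("<I", rtype)
    return head + struct.pack("<2sI2s", b";\0", len(data), b";\0") + data + b"]\0"

# Constructed sample with a hypothetical service name; not taken from the project's files.
SAMPLE = b"PReg" + struct.pack("<I", 1) + make_entry(
    r"SYSTEM\CurrentControlSet\Services\ExampleSvc", "Start", REG_DWORD, struct.pack("<I", 3))
```

To read a real file, pass `open(path, "rb").read()` to `parse_pol`; in the constructed sample, a service `Start` value of 3 corresponds to manual startup (2 is automatic, 4 is disabled).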

hgj44d commented 3 months ago

Thanks for replying!

I now don't run the overrides subcategory and only apply some overrides manually. I noticed that on policy number 3 the text is different from the screenshot. In the screenshot you change 3 values to Yes and in the text you suggest to change only one value to No. I guess the screenshot is the correct one?

HotCakeX commented 3 months ago

@hgj44d of course ^^ You're right, the explanation needed improvement so I changed that now, please take a look again.

https://github.com/HotCakeX/Harden-Windows-Security/wiki/Overrides-for-Microsoft-Security-Baseline#3-firewall-local-rule-merging