Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
Added SSH hardening by configuring the SSH client to use secure MACs (Message Authentication Codes). Closes #354
🎉 Added the ability to Decrypt a BitLocker encrypted drive to the Unprotect tab. You can select a drive from the list of drives in a dropdown menu and then use the button to easily decrypt it if you want to.
Moved the security measure that sets all network profiles' locations to public from the Windows Networking category to the Windows Firewall category. Related discussion
Added a check to the compliance checking to make sure the LanmanWorkstation service is enabled and running. Related discussion
🎉 Added a new feature through a new button in the ASR (Attack Surface Reduction) tab where it allows you to retrieve the current effective status of each ASR rule on the system and populate the boxes with them and then take action.
🎉 When modifying the ASR rules using the ASR tab, there will be detailed logging.
Adjusted the system requirement checks to happen sooner to show proper messages to the user about any possible problems.
Changed some of the element names in the GUI from "WDAC" to "App Control" due to name changes by Microsoft starting Windows build 24H2.
In the Unprotect tab, the App Control policies dropdown menu now only becomes available when the other dropdown menu is set to "Only Remove The App Control Policies", improving user experience.
Minor overall performance improvements.
Various GUI tabs have been improved to work with very small heights. Now they will have a scrollbar whenever the height is too small so you can always work with the UI elements.
The GUI is no longer draggable from anywhere on the interface by touch or mouse click, it now works like any other user interface where you use the title bar for dragging.
[!TIP]\
If you're new here, the Harden Windows Security module automatically checks for update whenever you start it so no manual work is needed to stay up to date. It does this by comparing the installed version with the version number on GitHub.
What's New
Added SSH hardening by configuring the SSH client to use secure MACs (Message Authentication Codes). Closes #354
🎉 Added the ability to Decrypt a BitLocker encrypted drive to the Unprotect tab. You can select a drive from the list of drives in a dropdown menu and then use the button to easily decrypt it if you want to.
Moved the security measure that sets all network profiles' locations to public from the Windows Networking category to the Windows Firewall category. Related discussion
Added a check to the compliance checking to make sure the
LanmanWorkstationservice is enabled and running. Related discussion🎉 Added a new feature through a new button in the ASR (Attack Surface Reduction) tab where it allows you to retrieve the current effective status of each ASR rule on the system and populate the boxes with them and then take action.
🎉 When modifying the ASR rules using the ASR tab, there will be detailed logging.
Adjusted the system requirement checks to happen sooner to show proper messages to the user about any possible problems.
Changed some of the element names in the GUI from "WDAC" to "App Control" due to name changes by Microsoft starting Windows build 24H2.
In the Unprotect tab, the App Control policies dropdown menu now only becomes available when the other dropdown menu is set to "Only Remove The App Control Policies", improving user experience.
Minor overall performance improvements.
Various GUI tabs have been improved to work with very small heights. Now they will have a scrollbar whenever the height is too small so you can always work with the UI elements.
Updated the Microsoft signed DLLs used for toast notifications to the latest versions. Wonder how it's done? Check out this Wiki article.
The GUI is no longer draggable from anywhere on the interface by touch or mouse click, it now works like any other user interface where you use the title bar for dragging.