Hardening script update v2023.8.27

HotCakeX / Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md

https://hotcakex.github.io

MIT License

1.87k stars 148 forks source link

Hardening script update v2023.8.27 #91

Closed HotCakeX closed 1 year ago

HotCakeX commented 1 year ago

Added Exploit Protections / Process Mitigations for Microsoft 365 apps including OneDrive

https://github.com/HotCakeX/Harden-Windows-Security/issues/49

The script now finds and adds OneDrive for business folders in addition to personal OneDrive folders to the Controlled Folder Access protections

HotCakeX commented 1 year ago

Tested the Microsoft 365 apps (Stable and insider builds) that were added to the list with their new process mitigations on physical hardware and VMs, multiple times, used different features of each app, used OneDrive personal and business, everything works normally as expected.

HotCakeX commented 1 year ago

Improved OS version check Improved displayed messages Temporarily switched ProcessMitigations.csv to the dev branch which will revert back to the main branch before PR merge

HotCakeX commented 1 year ago

Added checks to make sure Microsoft Defender is not running in Passive mode, before running the hardening measures.

Basically checking to see all the requirements are met: https://github.com/HotCakeX/Harden-Windows-Security?tab=readme-ov-file#requirements-