search

HotCakeX / Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
https://hotcakex.github.io
MIT License
1.84k stars 143 forks source link

[Bug]: Allow Grace Period for OS Version Requirement Check #92

Closed JuliusBairaktaris closed 1 year ago

JuliusBairaktaris commented 1 year ago

Tools category

Harden Windows Security Script

Does your system meet the requirements?

Please explain the bug

The script mandates users to have the latest version of Windows installed. However, it's a known fact that Windows doesn't consistently distribute updates to all users at the same time. There can be delays for some users without any apparent reason. For instance, across my four devices, I consistently encounter this error:

Write-Error: You're not using the latest build of the Windows OS. A minimum build of 22621.2215 is required but your OS build is 22621.2134. Please go to Windows Update to install the updates and then try again.

image

To account for these Windows update inconsistencies, I recommend introducing a grace period in the script's requirements. For instance, permitting Windows builds that are Outdated for up to 2 weeks would be more accommodating for users who haven't received the latest update yet.

HotCakeX commented 1 year ago

Hi, I just had to select that build number as minimum to make sure the features added here are usable when the script tries to enable them.

In the future I will wait for them to be available without the need to toggle this button

image

I changed the build number requirement to 22621.2134 : https://github.com/HotCakeX/Harden-Windows-Security/pull/93

JuliusBairaktaris commented 1 year ago

Off-topic a bit, but is there a way to force Windows updates? I still don't see any updates with this button enabled.

image

HotCakeX commented 1 year ago

Oh, do you happen to be using MSI motherboard? MSI has a problem with their BIOS so MSFT stopped offering this update to those users until they release a new BIOS update for their hardware. https://www.theverge.com/2023/8/25/23845469/msi-confirms-windows-11-bsod-issues

For me the update was installed around 5 days ago

image

JuliusBairaktaris commented 1 year ago

Asus motherboard on my desktop. My laptops are Dell, Lenovo, HP so they use the corresponding proprietary BIOS. Probably, Microsoft just dislikes me xD.

HotCakeX commented 1 year ago

Asus motherboard on my desktop. My laptops are Dell, Lenovo, HP so they use the corresponding proprietary BIOS. Probably, Microsoft just dislikes me xD.

Haha! it's okie, preview updates won't be a requirement again, will always stick to stable globally released builds :)