The-Virtual-Desktop-Team / Virtual-Desktop-Optimization-Tool

The script and configuration files in this repository provide an easy method to customize and apply performance related settings to virtual desktop environments.

Proposal to remove legacy and insecure features #204

Closed ingd closed 3 months ago

ingd commented 5 months ago

Hello, team. I hope all of you are doing well.

I'd like to propose the removal of certain legacy services and additional features that are no longer secure or necessary:

Windows capabilities/optional features:

- OpenSSH.Client
- WordPad
- Hello Face
- App Quick Assist
- MicrosoftWindowsPowerShellV2

References:

- https://devblogs.microsoft.com/powershell/windows-powershell-2-0-deprecation/
- https://support.microsoft.com/en-us/topic/ms04-041-a-vulnerability-in-wordpad-could-allow-code-execution-b7a9f637-6ff8-3ecb-0fbf-a88c905c6185

And disable legacy services:

Services:

- Webclient (WebDAV)

References:

- https://techcommunity.microsoft.com/t5/itops-talk-blog/how-to-defend-users-from-interception-attacks-via-smb-client/ba-p/1494995

robsmi-msfte commented 3 months ago

Hello @ingd,

The VDOT tool was designed to reduce processes and threads that can cause unwanted overhead in Windows. We have, since the beginning, intentionally left security settings untouched. I know about PowerShell v2 and read up on Webclient. I completely agree that those should be removed, but done as a security process, not necessarily an optimization process.

On the other hand, you are free to modify the VDOT tools as you see fit for your environment. You can add this to Services.json:

```json
{
    "Name": "Webclient",
    "VDIState": "Unchanged",
    "URL": "https://learn.microsoft.com/en-us/dotnet/api/system.net.webclient?view=net-8.0",
    "Description": "Enables Windows-based programs to create, access, and modify Internet-based files."
},
```

To remove PowerShell v2, you can do this:

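```powershell
# Run from an elevated session. The optional feature is registered as
# "MicrosoftWindowsPowerShellV2" (the name listed in the proposal above);
# the short name "PowerShellV2" does not match any feature.
Get-WindowsOptionalFeature -Online -FeatureName "MicrosoftWindowsPowerShellV2" |
    Disable-WindowsOptionalFeature -Online -Remove -NoRestart
```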

Thanks,

Robert M. Smith
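
A read-only audit of the components named in this issue, useful before and after applying the changes above. This is an added example, not code from the thread or from VDOT; the function name `Get-LegacyComponentState` is hypothetical and the `-like` patterns are assumptions, since exact capability names carry version suffixes that differ between Windows builds.

```powershell
#Requires -RunAsAdministrator
# Added example: reports state only, changes nothing.

function Get-LegacyComponentState {
    param(
        # Assumed wildcard patterns for the capabilities listed in the issue.
        [string[]]$CapabilityPattern = @('OpenSSH.Client*', '*WordPad*',
                                         'Hello.Face*', '*QuickAssist*')
    )
    $results = New-Object System.Collections.Generic.List[object]

    # Optional feature: Windows PowerShell 2.0 (name taken from the issue).
    Get-WindowsOptionalFeature -Online |
        Where-Object { $_.FeatureName -like 'MicrosoftWindowsPowerShellV2*' } |
        ForEach-Object {
            $results.Add([pscustomobject]@{
                Kind        = 'OptionalFeature'
                Name        = $_.FeatureName
                State       = [string]$_.State
                NeedsReview = ($_.State -eq 'Enabled')
            })
        }

    # Capabilities: query once, then filter locally against each pattern.
    $capabilities = Get-WindowsCapability -Online
    foreach ($pattern in $CapabilityPattern) {
        foreach ($cap in ($capabilities | Where-Object { $_.Name -like $pattern })) {
            $results.Add([pscustomobject]@{
                Kind        = 'Capability'
                Name        = $cap.Name
                State       = [string]$cap.State
                NeedsReview = ($cap.State -eq 'Installed')
            })
        }
    }

    # WebClient (WebDAV) service; it may be absent on some SKUs.
    $svc = Get-Service -Name 'WebClient' -ErrorAction SilentlyContinue
    if ($svc) {
        $results.Add([pscustomobject]@{
            Kind        = 'Service'
            Name        = $svc.Name
            State       = "$($svc.Status) / $($svc.StartType)"
            NeedsReview = ($svc.StartType -ne 'Disabled')
        })
    }
    $results
}

Get-LegacyComponentState | Sort-Object Kind, Name | Format-Table -AutoSize
```

Rows with `NeedsReview` set to `True` are components that are still enabled, installed, or startable on the image.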