FIX-WindowsUpdate.ps1 - security risk, adds asterisk to the TrustedHosts list

rzander / sccmclictr

Client Center for Configuration Manager

Microsoft Public License

321 stars 59 forks source link

FIX-WindowsUpdate.ps1 - security risk, adds asterisk to the TrustedHosts list #204

Closed EckeD closed 9 months ago

EckeD commented 9 months ago

in the "FIX-WindowsUpdate.ps1" script, in line 119 the TrustedHosts list is set to - which would allow any device to connect: `Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value '' -force` I would strongly suggest to remove or at least comment this line out from the script, as it poses a security risk and also is unnecessary. If the list needs to be fixed, the admin of the environment should do that appropriately, outside of this script.

rzander commented 9 months ago

It's now commented out...

EckeD commented 9 months ago

thanks! :)