Harden Windows Security v.0.7.3 #515
* Added a new section to the `Apps | Features` page where you can remove the pre-installed built-in network drivers that you do not use. Windows by default has WIFI and Ethernet network adapter drivers of Intel, Broadcom, Ralink, Realtek, Qualcomm and Marvel. If you do not have any of that hardware or you install your own drivers, then you can remove the unnecessary ones, freeing up disk space.
  * You can view the full list of pre-installed network drivers via this PowerShell command: `Get-WindowsCapability -Online`
* As always, detailed logs of each step of the operation will be generated and made available.
* Improved the dialog window design. It has a gradient dark background and will stay on top so the user won't miss an important message that is displayed.
* Added a check to display a message to the user when installing AppControl Manager and an incompatible policy is detected.
* Improved the module's compatibility with other modules that load the same Microsoft DLLs in the session through the PowerShell profile. When Harden Windows Security detects such situations, it will automatically use the `-NoProfile` switch.
* Updated the Microsoft DLLs to the latest versions from NuGet.
* Improved the logging mechanism when using Harden Windows Security in unattended/headless mode.
Copilot reviewed 14 out of 26 changed files in this pull request and generated no comments.
Files not reviewed (12)
- Harden-Windows-Security Module/Main files/Core/Confirm-SystemCompliance.psm1: Language not supported
- Harden-Windows-Security Module/Main files/Core/Protect-WindowsSecurity.psm1: Language not supported
- Harden-Windows-Security Module/Main files/Core/Unprotect-WindowsSecurity.psm1: Language not supported
- Harden-Windows-Security Module/Main files/Harden-Windows-Security-Module.psd1: Language not supported
- Harden-Windows-Security Module/Main files/C#/GUI/Confirm/View.cs: Evaluated as low risk
- Harden-Windows-Security Module/Main files/C#/Others/NativeMethods.cs: Evaluated as low risk
- Harden-Windows-Security Module/Main files/C#/GUI/AppControlManager/View.cs: Evaluated as low risk
- Harden-Windows-Security Module/Main files/C#/GUI/AppControlManager/Variables.cs: Evaluated as low risk
- Harden-Windows-Security Module/Main files/C#/GUI/Unprotect/View.cs: Evaluated as low risk
- Harden-Windows-Security Module/Main files/C#/CimInstances/BitLocker-Disable.cs: Evaluated as low risk
- Harden-Windows-Security Module/Main files/C#/Others/Initializer.cs: Evaluated as low risk
- Harden-Windows-Security Module/Main files/C#/Others/DialogMsgHelper.cs: Evaluated as low risk
Comments suppressed due to low confidence (2)
Harden-Windows-Security Module/Main files/C#/Others/WindowsFeatureChecker.cs:149
- The placeholder in the PowerShell script template should match the parameter name. Replace `{CompatibilityName}` with `{capabilityPattern}`.
string script = scriptTemplate.Replace("{CompatibilityName}", capabilityPattern, StringComparison.OrdinalIgnoreCase);
Harden-Windows-Security Module/Main files/C#/Others/Logger.cs:221
- The new method LogToFileCLI should be covered by tests to ensure the new logging functionality for CLI and unattended modes works as expected.
private static void LogToFileCLI(string Text)
P.S 100% of the alerts in this PR which are generated automatically by the bots are False Positive. They scan the code, they see there is the word "key protector" or "DisableEmailScanningResult" so they think "oh it must be something sensitive". 🙃
What's New
* Added a new section to the `Apps | Features` page where you can remove the pre-installed built-in network drivers that you do not use. Windows by default has WIFI and Ethernet network adapter drivers of Intel, Broadcom, Ralink, Realtek, Qualcomm and Marvel. If you do not have any of that hardware or you install your own drivers, then you can remove the unnecessary ones, freeing up disk space.
  * You can view the full list of pre-installed network drivers via this PowerShell command: `Get-WindowsCapability -Online`
* As always, detailed logs of each step of the operation will be generated and made available.
* Improved the dialog window design. It has a gradient dark background and will stay on top so the user won't miss an important message that is displayed.
* Added a check to display a message to the user when installing AppControl Manager and an incompatible policy is detected.
* Improved the module's compatibility with other modules that load the same Microsoft DLLs in the session through the PowerShell profile. When Harden Windows Security detects such situations, it will automatically use the `-NoProfile` switch.
* Updated the Microsoft DLLs to the latest versions from NuGet.
* Improved the logging mechanism when using Harden Windows Security in unattended/headless mode like this:

That's an example command that will run all of the categories and sub-categories in unattended mode, completely offline, and log the output to a file. The log file will contain every detail of the operation just like they are generated in the GUI mode.
Previously the logs in this scenario would have very minimal content because the built-in PowerShell transcription feature was being used but now it's handled by the module itself.
With a command like that, you can configure your systems/workstations in bulk and schedule that command to run periodically. That is a completely automated mechanism and if a new version of the module is available, it will download and install it and remove any older version.
Documentation is available here.
If you have any questions about the unattended/headless mode, feel free to ask here on GitHub.
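For the `Get-WindowsCapability -Online` step mentioned in the release notes above, the following is an added example, not part of the pull request or the module's own code: it narrows the output to the built-in Wi-Fi and Ethernet driver capabilities and marks the ones whose driver file is bound to an adapter on the machine, so that only unused drivers are considered for removal. The capability name pattern and the match between a capability's last name segment and the adapter's driver file name are assumptions of this example.

```powershell
#Requires -RunAsAdministrator
# Added example. Assumed capability name layout:
#   Microsoft.Windows.<Wifi|Ethernet>.Client.<Vendor>.<Driver>~~~~<version>
$Pattern = '^Microsoft\.Windows\.(?<Type>Wifi|Ethernet)\.Client\.(?<Vendor>[^.]+)\.(?<Driver>[^~]+)~'

# Driver file names (without extension) bound to adapters on this machine,
# including hidden ones such as disabled or virtual adapters.
$InUse = Get-NetAdapter -IncludeHidden |
    Where-Object { $_.DriverFileName } |
    ForEach-Object { [System.IO.Path]::GetFileNameWithoutExtension($_.DriverFileName) } |
    Sort-Object -Unique

# One row per built-in network driver capability.
$Report = Get-WindowsCapability -Online | ForEach-Object {
    if ($_.Name -match $Pattern) {
        [pscustomobject]@{
            Type   = $Matches.Type
            Vendor = $Matches.Vendor
            Driver = $Matches.Driver
            State  = $_.State
            # Assumption: the last name segment equals the .sys file name.
            # -contains compares strings case-insensitively.
            InUse  = $InUse -contains $Matches.Driver
            Name   = $_.Name
        }
    }
}

$Report | Sort-Object Type, Vendor, Driver | Format-Table -AutoSize

# Installed capabilities that no present adapter appears to use.
$Candidates = $Report | Where-Object { $_.State -eq 'Installed' -and -not $_.InUse }
$Candidates | Select-Object -ExpandProperty Name

# Review the list first; removal is left commented out on purpose.
# $Candidates | ForEach-Object { Remove-WindowsCapability -Online -Name $_.Name }
```

Treat the `InUse` column as a hint only: a driver installed from the vendor's own package can use a different file name than the built-in capability.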