[v1.1.1] - 2024-12-08

Added

• New policy to enable or disable the Windows Defender sandbox

Fixed

• Indentation value for REG_SZ-based policies

[v1.1] - 2024-12-08

Changed

• Major refactoring of the codebase
  • Better consistency of indentation and formatting
  • Split in several file for network, system and debugging categories

Added

• Additional settings from the Microsoft Security Guide and the legacy MSS settings
  • Not translated to fr-FR for now
  • Settings were removed if already present in the main ADMX files

[v1.0.37] - 2024-11-12

Added

• New policy to enable or disable the support for KASAN

Fixed

• Fix the Registry path for the Mandatory VBS flag introduced in v1.0.36

[v1.0.36] - 2024-11-03

Added

• New policy to configure the Mandatory mode for Virtualization-Based Security

[v1.0.35] - 2024-10-18

Added

• New policy to configure the behavior of the Sudo command, introduced in Windows 11 24H2
  • Cf. @mobilejon blog post about the command: https://mobile-jon.com/2024/10/14/deep-dive-into-windows-sudo/
• New policy to control the state of the generative AI features in Acrobat and Acrobat Reader products

[v1.0.34] - 2024-09-27

Added

• Added all the steps required to update the bootloader against the BlackLotus vulnerability CVE-2023-24932
  • Cf. Microsoft documentation at https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d#bkmk_mitigation_guidelines

[v1.0.33] - 2024-01-05

Fixed

• supportedOn value for the DTLS 1.3 policy

[v1.0.32] - 2023-12-03

Added

• Dropdown selection list for Schannel verbosity levels
• Mitigation for the BlackLotus vulnerability CVE-2023-24932

[v1.0.31] - 2023-11-26

Added

• Support for DTLS 1.3 in Schannel section

[v1.0.30] - 2023-11-26

Fixed

• Typo in the MsCacheV2 hardening policy description : MSCHAPv2 -> MsCacheV2
• Improved the overall wording of the description