mirror of
https://github.com/fleetdm/fleet
synced 2026-05-22 08:28:52 +00:00
6d633427d8
Changelog ADD: ADD - 18.10.75.1 (L1) Ensure 'Automatic Data Collection' is set to 'Enabled' ADD - 18.10.92.2 (L1) Ensure 'Enable features introduced via servicing that are off by default' is set to 'Disabled' ADD - 18.10.92.4 (L1) Ensure 'Enable optional updates' is set to 'Disabled' ADD - 18.8 (L2) Ensure 'Remove Personalized Website Recommendations from the Recommended section in the Start Menu' is set to 'Enabled' ADD - 18.9.19 (L1) 'Configure security policy processing: Do not apply during periodic background processing' is set to 'False' ADD - 18.9.19 (L1) 'Configure security policy processing: Process even if the Group Policy objects have not changed' is set to 'True' ADD - 18.9.25 (L1) Ensure 'Configure password backup directory' is set to 'Enabled: Active Directory' or 'Enabled: Azure Active Directory' ADD - 18.9.25 (L1) Ensure 'Enable password encryption' is set to 'Enabled' ADD - 18.9.25 (L1) Ensure 'Post-authentication actions: Actions' is set to 'Enabled: Reset the password and logoff the managed account' or higher ADD - 18.9.25 (L1) Ensure 'Post-authentication actions: Grace period (hours)' is set to 'Enabled: 8 or fewer hours, but not 0' ADD - 19.7.38 (L1) Ensure 'Turn off Windows Copilot' is set to 'Enabled' ADD - 2.3.11 (L1) Ensure 'Network security: Restrict NTLM: Audit Incoming NTLM Traffic' is set to 'Enable auditing for all accounts' ADD - 2.3.11 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higher REMOVE: REMOVE - 18.10.76.3 (L1) Ensure 'Prevent bypassing Windows Defender SmartScreen prompts for sites' is set to 'Enabled' REMOVE - 5 (L1) Ensure 'Internet Connection Sharing (ICS) (SharedAccess)' is set to 'Disabled' REMOVE - 9.1 (L1) Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)' REMOVE - 9.2 (L1) Ensure 'Windows Firewall: Private: Outbound connections' is set to 'Allow (default)' REMOVE - 9.3 (L1) Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)' UPDATE: UPDATE - 18.10.42.7 (L2 -> L1) Ensure 'Enable file hash computation feature' is set to 'Enabled' UPDATE - 18.10.86 (L1 -> L2) Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled' UPDATE - 18.10.86 (L1 -> L2) Ensure 'Turn on PowerShell Transcription' is set to 'Enabled' UPDATE - 18.5 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' TO 'MSS: (AutoAdminLogon) Enable Automatic Logon' UPDATE - 18.5 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' TO 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level' UPDATE - 18.5 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' TO 'MSS: (DisableIPSourceRouting) IP source routing protection level' UPDATE - 18.5 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' TO 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses' UPDATE - 18.5 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' TO 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode' UPDATE - 18.5 'MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)' TO 'MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires' UPDATE - 18.5 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)' TO 'Enabled: 300,000 or 5 minutes' UPDATE - 18.9.50.1 (L2 -> L1) Ensure 'Enable Windows NTP Client' is set to 'Enabled' UPDATE - 18.9.50.1 (L2 -> L1) Ensure 'Enable Windows NTP Server' is set to 'Disabled' --------- Co-authored-by: Sharon Katz <121527325+sharon-fdm@users.noreply.github.com> Co-authored-by: Sharon Katz <sharon@fleetdm.com> |
||
|---|---|---|
| .. | ||
| macos-13 | ||
| macos-14 | ||
| win-10 | ||
| win-11 | ||