PowerShell - wbMSPSecurity 1.0
PowerShell for Endpoint Security. These commands will close up some endpoint issues that are defined in Microsoft's Secure Score and other Windows security products.
The install and use of the wbMSPSecurity is pretty straight forward. Open Windows PowerShell with Administrative access and copy and paste the commands below.
This module is registered with PowerShell Gallery
wbMSPSecurity 1.0 Installation
Install-PackageProvider -Name NuGet -RequiredVersion 2.8.5.201 -Force;
Import-PackageProvider -Name NuGet -RequiredVersion 2.8.5.201;
Install-Module -Name wbMSPSecurity -RequiredVersion 1.0 -Force;
Import-Module -Name wbMSPSecurity -RequiredVersion 1.0;
A majority of these controls are low impact and shouldn't disrupt your workflow however, caution is advised depending on your setup.
To enable all modules: Set-wbMSPsecAllOn
To revert all modules: Set-wbMSPsecAllOff
1) Block outdated ActiveX controls for Internet Explorer
SetSet-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext" -Name 'VersionCheckEnabled' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec1On
Revert
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext" -Name 'VersionCheckEnabled' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec1Off
2) Disable 'Autoplay for non-volume devices'
SetSet-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" -Name 'NoAutoplayfornonVolume' -Value 1;
New-Item -Path "HKLM:\Software\Policies\Microsoft\Windows" -Name 'Explorer' -Force;
New-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\Windows\Explorer" -Name 'NoAutoplayfornonVolume' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec2On
Revert
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" -Name 'NoAutoplayfornonVolume' -Value 0;
Set-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\Windows\Explorer" -Name 'NoAutoplayfornonVolume' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec2Off
3) Disable 'Autoplay' for all drives
SetSet-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" -Name 'NoDriveTypeAutoRun' -Value 255;
wbMSPSecurity 1.0: Set-wbMSPsec3On
Revert
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" -Name 'NoDriveTypeAutoRun' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec3Off
4) Disable 'Continue running background apps when Google Chrome is closed'
SetNew-Item -Path "HKLM:\Software\Policies" -Name 'Google' -Force;
New-Item -Path "HKLM:\Software\Policies\Google" -Name 'Chrome' -Force;
New-ItemProperty -Path "HKLM:\Software\Policies\Google\Chrome" -Name 'BackgroundModeEnabled' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec4On
Revert
Set-ItemProperty -Path "HKLM:\Software\Policies\Google\Chrome" -Name 'BackgroundModeEnabled' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec4Off
5) Disable 'Enumerate administrator accounts on elevation'
SetNew-Item -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies" -Name 'CredUI' -Force;
New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\CredUI" -Name 'EnumerateAdministrators' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec5On
Revert
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\CredUI" -Name 'EnumerateAdministrators' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec5Off
6) Disable 'Password Manager'
SetSet-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Edge\" -Name "PasswordManagerEnabled" -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec28On
Revert
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Edge\" -Name "PasswordManagerEnabled" -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec28Off
7) Disable Anonymous enumeration of shares
SetSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa" -Name 'RestrictAnonymous' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec6On
Revert
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa" -Name 'RestrictAnonymous' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec6Off
8) Disable Insecure guest logons in SMB
SetSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\" -Name "AllowInsecureGuestLogons" -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec39On
Revert
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\" -Name "AllowInsecureGuestLogons" -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec39Off
9) Disable Installation and configuration of Network Bridge on your DNS domain network
SetSet-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\Windows\Network Connections\" -Name "NC_AllowNetBridge_NLA" -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec30On
Revert
Set-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\Windows\Network Connections\" -Name "NC_AllowNetBridge_NLA" -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec30Off
10) Disable IP Source routing
SetSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\" -Name 'DisableIPSourceRouting' -Value 2;
wbMSPSecurity 1.0: Set-wbMSPsec7On
Revert
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\" -Name 'DisableIPSourceRouting' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec7Off
11) Disable JavaScript/Flash on Adobe Reader DC
SetNew-Item -Path "HKLM:\SOFTWARE\Policies\Adobe\" -Name 'Acrobat Reader' -Force;
New-Item -Path "HKLM:\SOFTWARE\Policies\Adobe\Acrobat Reader" -Name 'DC' -Force;
New-Item -Path "HKLM:\SOFTWARE\Policies\Adobe\Acrobat Reader\DC" -Name 'FeatureLockDown' -Force;
New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown" -Name 'bDisableJavaScript' -Value 1;
New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown" -Name 'bEnableFlash' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec8On
Revert
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown" -Name 'bDisableJavaScript' -Value 0;
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown" -Name 'bEnableFlash' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec8Off
12) Disable Microsoft Defender Firewall notifications when programs are blocked for Domain/Public/Private profile
SetNew-Item -Path "HKLM:\Software\Policies\Microsoft" -Name 'WindowsFirewall' -Force;
New-Item -Path "HKLM:\Software\Policies\Microsoft\WindowsFirewall" -Name 'DomainProfile' -Force;
New-Item -Path "HKLM:\Software\Policies\Microsoft\WindowsFirewall" -Name 'PrivateProfile' -Force;
New-Item -Path "HKLM:\Software\Policies\Microsoft\WindowsFirewall" -Name 'PublicProfile' -Force;
New-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\WindowsFirewall\DomainProfile" -Name 'DisableNotifications' -Value 1;
New-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile" -Name 'DisableNotifications' -Value 1;
New-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile" -Name 'DisableNotifications' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec9On
Revert
Set-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\WindowsFirewall\DomainProfile" -Name 'DisableNotifications' -Value 0;
Set-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile" -Name 'DisableNotifications' -Value 0;
Set-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile" -Name 'DisableNotifications' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec9Off
13) Disable running or installing downloaded software with invalid signature
SetNew-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\" -Name 'Internet Explorer' -Force;
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer" -Name 'Download' -Force;
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Download\" -Name 'RunInvalidSignatures' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec10On
Revert
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Download\" -Name 'RunInvalidSignatures' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec10Off
14) Disable sending unencrypted password to third-party SMB servers
SetSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\" -Name "SealSecureChannel" -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec42On
Revert
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\" -Name "SealSecureChannel" -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec42Off
15) Disable SMBv1 client driver
SetDisable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart;
wbMSPSecurity 1.0: Set-wbMSPsec40On
Revert
Enable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart;
wbMSPSecurity 1.0: Set-wbMSPsec40Off
16) Disable SMBv1 server
SetSet-SmbServerConfiguration -EnableSMB1Protocol $false -Force;
wbMSPSecurity 1.0: Set-wbMSPsec41On
Revert
Set-SmbServerConfiguration -EnableSMB1Protocol $true -Force;
wbMSPSecurity 1.0: Set-wbMSPsec41Off
17) Disable the local storage of passwords and credentials
SetSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa" -Name "DisableDomainCreds" -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec31On
Revert
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa" -Name "DisableDomainCreds" -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec31Off
18) Disable WDigest Authentication
SetSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest\" -Name "UseLogonCredential" -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec43On
Revert
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest\" -Name "UseLogonCredential" -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec43Off
19) Enable 'Apply UAC restrictions to local accounts on network logons'
SetSet-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" -Name 'LocalAccountTokenFilterPolicy' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec11On
Revert
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" -Name 'LocalAccountTokenFilterPolicy' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec11Off
20) Enable 'Block third party cookies'
SetNew-ItemProperty -Path "HKLM:\Software\Policies\Google\Chrome" -Name 'BlockThirdPartyCookies' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec12On
Revert
Set-ItemProperty -Path "HKLM:\Software\Policies\Google\Chrome" -Name 'BlockThirdPartyCookies' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec12Off
21) Enable 'Microsoft network client: Digitally sign communications (always)'
SetSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" -Name 'RequireSecuritySignature' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec13On
Revert
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" -Name 'RequireSecuritySignature' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec13Off
22) Enable Domain member: Digitally encrypt or sign secure channel data (always)
SetSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\" -Name "RequireSignOrSeal" -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec45On
Revert
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\" -Name "RequireSignOrSeal" -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec45Off
23) Enable Domain member: Digitally sign secure channel data (when possible)
SetSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\" -Name "SignSecureChannel" -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec44On
Revert
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\" -Name "SignSecureChannel" -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec44Off
24) Enable Microsoft Defender Antivirus Email Scanning
SetSet-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" -Name 'DisableEmailScanning' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec14On
Revert
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" -Name 'DisableEmailScanning' -Value 1
wbMSPSecurity 1.0: Set-wbMSPsec14Off
25) Enable Network Protection
SetSet-MpPreference -EnableNetworkProtection Enabled;
wbMSPSecurity 1.0: Set-wbMSPsec38On
Revert
Set-MpPreference -EnableNetworkProtection Disabled;
wbMSPSecurity 1.0: Set-wbMSPsec38Off
26) Enable Require domain users to elevate when setting a networks location
SetSet-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\Windows\Network Connections\" -Name "NC_StdDomainUserSetLocation" -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec32On
Revert
Set-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\Windows\Network Connections\" -Name "NC_StdDomainUserSetLocation" -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec32Off
27) Enable Safe DLL Search Mode
SetSet-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Session Manager\" -Name "SafeDllSearchMode" -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec37On
Revert
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Session Manager\" -Name "SafeDllSearchMode" -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec37Off
28) Enable scanning of removable drives during a full scan
SetNew-Item -Path "HKLM:\Software\Policies\Microsoft\Windows Defender" -Name 'Scan' -Force;
New-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\Windows Defender\Scan" -Name 'DisableRemovableDriveScanning' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec15On
Revert
Set-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\Windows Defender\Scan" -Name 'DisableRemovableDriveScanning' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec15Off
29) Hide Option & Enable Automatic Updates
SetSet-ItemProperty -Path "HKLM:\SOFTWARE\policies\Microsoft\cloud\office\16.0\common\officeupdate" -Name 'enableautomaticupdates' -Value 1;
New-Item -Path "HKLM:\SOFTWARE\policies\Microsoft" -Name 'Office' -Force;
New-Item -Path "HKLM:\SOFTWARE\policies\Microsoft\Office" -Name '16.0' -Force;
New-Item -Path "HKLM:\SOFTWARE\policies\Microsoft\Office\16.0" -Name 'Common' -Force;
New-Item -Path "HKLM:\SOFTWARE\policies\Microsoft\Office\16.0\Common" -Name 'Officeupdate' -Force;
New-ItemProperty -Path "HKLM:\SOFTWARE\policies\Microsoft\Office\16.0\Common\Officeupdate" -Name 'hideenabledisableupdates' -Value 1;
New-ItemProperty -Path "HKLM:\SOFTWARE\policies\Microsoft\Office\16.0\Common\Officeupdate" -Name 'enableautomaticupdates' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec16On
Revert
Set-ItemProperty -Path "HKLM:\SOFTWARE\policies\Microsoft\cloud\office\16.0\common\officeupdate" -Name 'enableautomaticupdates' -Value 0;
Set-ItemProperty -Path "HKLM:\SOFTWARE\policies\Microsoft\Office\16.0\Common\Officeupdate" -Name 'hideenabledisableupdates' -Value 0;
Set-ItemProperty -Path "HKLM:\SOFTWARE\policies\Microsoft\Office\16.0\Common\Officeupdate" -Name 'enableautomaticupdates' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec16Off
30) Prohibit use of Internet Connection Sharing on your DNS domain network
SetSet-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Network Connections" -Name 'NC_ShowSharedAccessUI' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec17On
Revert
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Network Connections" -Name 'NC_ShowSharedAccessUI' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec17Off
31) Secure Microsoft Defender Firewall domain profile
SetSet-NetFirewallProfile -Profile Domain -Enabled True;
wbMSPSecurity 1.0: Set-wbMSPsec34On
Revert
Set-NetFirewallProfile -Profile Domain -Enabled False;
wbMSPSecurity 1.0: Set-wbMSPsec34Off
32) Secure Microsoft Defender firewall private profile
SetSet-NetFirewallProfile -Profile Private -Enabled True;
wbMSPSecurity 1.0: Set-wbMSPsec36On
Revert
Set-NetFirewallProfile -Profile Private -Enabled False;
wbMSPSecurity 1.0: Set-wbMSPsec36Off
33) Secure Microsoft Defender Firewall public profile
SetSet-NetFirewallProfile -Profile Public -Enabled True;
wbMSPSecurity 1.0: Set-wbMSPsec35On
Revert
Set-NetFirewallProfile -Profile Public -Enabled False;
wbMSPSecurity 1.0: Set-wbMSPsec35Off
34) Set 'Account lockout duration' to 15 minutes or more
Setnet accounts /lockoutduration:15
wbMSPSecurity 1.0: Set-wbMSPsec18On
35) Set 'Account lockout threshold' to 1-10 invalid login attempts
Setnet accounts /lockoutthreshold:10
wbMSPSecurity 1.0: Set-wbMSPsec19On
36) Set 'Enforce Password History' to '24 or more password(s)'
Setnet accounts /uniquepw:24
wbMSPSecurity 1.0: Set-wbMSPsec20On
37) Set 'Interactive logon: Machine inactivity limit' to '1-900 seconds'
SetNew-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\" -Name 'InactivityTimeoutSecs' -PropertyType DWORD -Value 0x00000384 -Force
wbMSPSecurity 1.0: Set-wbMSPsec21On
38) set 'Minimum Password Age' to '1 or more day(s)'
Setnet accounts /minpwage:1
wbMSPSecurity 1.0: Set-wbMSPsec22On
39) Set 'Reset account lockout counter after' to 15 minutes or more
Setnet accounts /lockoutwindow:15
wbMSPSecurity 1.0: Set-wbMSPsec23On
40) Set default behavior for 'AutoRun' to 'Enabled: Do not execute any autorun commands'
SetSet-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" -Name 'NoAutorun' -Value 1;
wbMSPSecurity 1.0: Set-wbMSPsec24On
Revert
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" -Name 'NoAutorun' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec24Off
41) Set IPV6 source routing to highest protection
SetSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\" -Name 'DisableIPSourceRouting' -Value 2;
wbMSPSecurity 1.0: Set-wbMSPsec25On
Revert
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\" -Name 'DisableIPSourceRouting' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec25Off
42) Set LAN Manager authentication level to 'Send NTLMv2 response only. Refuse LM & NTLM'
SetSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\" -Name 'LmCompatibilityLevel' -Value 5;
wbMSPSecurity 1.0: Set-wbMSPsec26On
Revert
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\" -Name 'LmCompatibilityLevel' -Value 3;
wbMSPSecurity 1.0: Set-wbMSPsec26Off
43) Set User Account Control (UAC) to automatically deny elevation requests
SetSet-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\" -Name 'ConsentPromptBehaviorUser' -Value 0;
wbMSPSecurity 1.0: Set-wbMSPsec27On
Revert
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\" -Name 'ConsentPromptBehaviorUser' -Value 3;
wbMSPSecurity 1.0: Set-wbMSPsec27Off
44) Set user authentication for remote connections by using Network Level Authentication to Enabled
SetSet-NetworkLevelAuthentication -EnableNLA $true;
wbMSPSecurity 1.0: Set-wbMSPsec29On
Revert
Set-NetworkLevelAuthentication -EnableNLA $false;
wbMSPSecurity 1.0: Set-wbMSPsec29Off
45) Update Microsoft Defender Antivirus definitions
SetUpdate-MpSignature;
wbMSPSecurity 1.0: Set-wbMSPsec33On
