Version and Readme update

Version and Readme update

Harden-Windows-Security Module/Main files/C#/Protect Methods/MSFTDefender_EnableDiagData.cs

@@ -11,7 +11,6 @@ public static partial class MicrosoftDefender
 	/// <exception cref="ArgumentNullException"></exception>
 	public static void MSFTDefender_EnableDiagData()
 	{
-
 		Logger.LogMessage("Enabling Optional Diagnostic Data", LogTypeIntel.Information);
 
 		LGPORunner.RunLGPOCommand(Path.Combine(GlobalVars.path, "Resources", "Security-Baselines-X", "Microsoft Defender Policies", "Optional Diagnostic Data", "registry.pol"), LGPORunner.FileType.POL);

Harden-Windows-Security Module/Main files/C#/Protect Methods/MicrosoftDefender.cs

@@ -40,9 +40,7 @@ public static void Invoke()
 
 		Logger.LogMessage("Enabling Mandatory ASLR Exploit Protection system-wide", LogTypeIntel.Information);
 
-		// Define the PowerShell command to execute
-		string command = "Set-ProcessMitigation -System -Enable ForceRelocateImages";
-		_ = PowerShellExecutor.ExecuteScript(command);
+		_ = PowerShellExecutor.ExecuteScript("Set-ProcessMitigation -System -Enable ForceRelocateImages");
 
 
 		Logger.LogMessage("Excluding GitHub Desktop Git executables from mandatory ASLR if they are found", LogTypeIntel.Information);

Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations_ReducedTelemetry.cs

@@ -12,6 +12,5 @@ public static void MiscellaneousConfigurations_ReducedTelemetry()
 		Logger.LogMessage("Applying the Reduced Telemetry policies", LogTypeIntel.Information);
 
 		LGPORunner.RunLGPOCommand(Path.Combine(GlobalVars.path, "Resources", "Security-Baselines-X", "Miscellaneous Policies", "Reduced Telemetry", "registry.pol"), LGPORunner.FileType.POL);
-
 	}
 }

Harden-Windows-Security Module/Main files/C#/Protect Methods/TLSSecurity_BattleNetClient.cs

@@ -11,10 +11,8 @@ public static partial class TLSSecurity
 	/// <exception cref="ArgumentNullException"></exception>
 	public static void TLSSecurity_BattleNetClient()
 	{
-
 		Logger.LogMessage("Adding (TLS_RSA_WITH_AES_256_CBC_SHA) cipher suite for the BattleNet Client", LogTypeIntel.Information);
 
 		LGPORunner.RunLGPOCommand(Path.Combine(GlobalVars.path, "Resources", "Security-Baselines-X", "TLS Security", "For BattleNetClient", "registry.pol"), LGPORunner.FileType.POL);
 	}
-
 }

Harden-Windows-Security Module/Main files/C#/Protect Methods/UAC_NoFastSwitching.cs

@@ -11,7 +11,6 @@ public static partial class UserAccountControl
 	/// <exception cref="ArgumentNullException"></exception>
 	public static void UAC_NoFastSwitching()
 	{
-
 		Logger.LogMessage("Applying the Hide the entry points for Fast User Switching policy", LogTypeIntel.Information);
 		LGPORunner.RunLGPOCommand(Path.Combine(GlobalVars.path, "Resources", "Security-Baselines-X", "User Account Control UAC Policies", "Hides the entry points for Fast User Switching", "registry.pol"), LGPORunner.FileType.POL);
 	}

Harden-Windows-Security Module/Main files/C#/Protect Methods/UAC_OnlyElevateSigned.cs

@@ -11,7 +11,6 @@ public static partial class UserAccountControl
 	/// <exception cref="ArgumentNullException"></exception>
 	public static void UAC_OnlyElevateSigned()
 	{
-
 		Logger.LogMessage("Applying the Only elevate executables that are signed and validated policy", LogTypeIntel.Information);
 
 		LGPORunner.RunLGPOCommand(Path.Combine(GlobalVars.path, "Resources", "Security-Baselines-X", "User Account Control UAC Policies", "Only elevate executables that are signed and validated", "GptTmpl.inf"), LGPORunner.FileType.INF);

Harden-Windows-Security Module/Main files/C#/Protect Methods/UserAccountControl.cs

@@ -11,7 +11,6 @@ public static partial class UserAccountControl
 	/// <exception cref="ArgumentNullException"></exception>
 	public static void Invoke()
 	{
-
 		ChangePSConsoleTitle.Set("💎 UAC");
 
 		Logger.LogMessage("Running the User Account Control category", LogTypeIntel.Information);

Harden-Windows-Security Module/Main files/C#/Protect Methods/WindowsNetworking_BlockNTLM.cs

@@ -11,7 +11,6 @@ public static partial class WindowsNetworking
 	/// <exception cref="ArgumentNullException"></exception>
 	public static void WindowsNetworking_BlockNTLM()
 	{
-
 		Logger.LogMessage("Blocking NTLM", LogTypeIntel.Information);
 
 		LGPORunner.RunLGPOCommand(Path.Combine(GlobalVars.path, "Resources", "Security-Baselines-X", "Windows Networking Policies", "Block NTLM", "registry.pol"), LGPORunner.FileType.POL);

Harden-Windows-Security Module/version.txt

@@ -1 +1 @@
-0.7.3
+0.7.4

Harden-Windows-Security.ps1

@@ -3,7 +3,7 @@ Function P {
     param()
     $ErrorActionPreference = 'Stop'
     Set-ExecutionPolicy -ExecutionPolicy 'Unrestricted' -Scope 'Process' -Force
-    [string]$PSDownloadURLMSIX = 'https://github.com/PowerShell/PowerShell/releases/download/v7.4.6/PowerShell-7.4.6-win.msixbundle'
+    [string]$PSDownloadURLMSIX = 'https://github.com/PowerShell/PowerShell/releases/download/v7.5.0/PowerShell-7.5.0-win.msixbundle'
     [string]$PSMSIXDownloadPath = [System.IO.Path]::Combine([System.IO.Path]::GetTempPath(), 'PowerShell.msixbundle')
     try {
         if ($PSVersionTable.PSEdition -eq 'Desktop' -and !(Get-Command -Name 'pwsh.exe' -ErrorAction Ignore)) {

README.md

@@ -1396,6 +1396,24 @@ In Windows by default, devices will scan daily, automatically download and insta
 
 <br>
 
+- <img src="https://raw.githubusercontent.com/HotCakeX/.github/main/Pictures/Gifs/magenta-verification.gif" width="25" alt="Rotating pink checkmark denoting registry or cmdlet"> [Policy](https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-policies#defaultwindowmanagementsetting) that automatically denies the window management permission to sites by default. This limits the ability of sites to see information about the device's screens and use that information to open and place windows or request fullscreen on specific screens.
+
+<br>
+
+- <img src="https://raw.githubusercontent.com/HotCakeX/.github/main/Pictures/Gifs/magenta-verification.gif" width="25" alt="Rotating pink checkmark denoting registry or cmdlet"> [Policy](https://learn.microsoft.com/en-us/deployedge/microsoft-edge-policies#extensionmanifestv2availability) that will keep support for Manifest V2 extensions enabled even after its depreciation. Manifest V2 extension support is vital for proper functioning of ublock origin (and similar extensions) which is beyond a simple adblocker and can provide lots of protection when browsing the web through its custom lists.
+
+   * Note that this is something being pushed by Google through their controlling power of Chromium, not Microsoft.
+
+<br>
+
+- <img src="https://raw.githubusercontent.com/HotCakeX/.github/main/Pictures/Gifs/magenta-verification.gif" width="25" alt="Rotating pink checkmark denoting registry or cmdlet"> [Policy](https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-policies#defaultwebusbguardsetting) that will prevent websites to even request access to the local connected USB devices.
+
+<br>
+
+- <img src="https://raw.githubusercontent.com/HotCakeX/.github/main/Pictures/Gifs/magenta-verification.gif" width="25" alt="Rotating pink checkmark denoting registry or cmdlet"> [Policy](https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-policies#dynamiccodesettings) that will disable dynamic code in Edge browser which is a security feature that prevents the browser process from creating dynamic code. The default value of this policy is not explicitly defined, it could be enable or could be disabled. Setting it explicitly to enabled via this policy ensures that no dynamic code is created by the browser process.
+
+<br>
+
 - <img src="https://raw.githubusercontent.com/HotCakeX/.github/main/Pictures/Gifs/green-verification.gif" width="25" alt="Rotating green checkmark denoting CSP"> [CSP](https://learn.microsoft.com/en-us/deployedge/configure-edge-with-mdm)
 
 ```