From 0eb34f527843194c3315f00fd7c7e7ffcf074010 Mon Sep 17 00:00:00 2001
From: Tommy <contact@tommytran.io>
Date: Sat, 30 Dec 2023 22:27:37 -0700
Subject: [PATCH] Update policies

Signed-off-by: Tommy <contact@tommytran.io>
---
 Group Policies Objects/Device Guard.md                       | 2 +-
 Group Policies Objects/Gaming/Mitigation Options.md          | 5 +++++
 .../System => }/Kernel DMA Protection.md                     | 0
 .../System => }/Mitigation Options.md                        | 0
 Group Policies Objects/Parallels/Device Guard.md             | 5 +++++
 .../Windows Time Service (Parallels).md}                     | 0
 .../Windows Components => }/Software Protection Platform.md  | 0
 7 files changed, 11 insertions(+), 1 deletion(-)
 create mode 100644 Group Policies Objects/Gaming/Mitigation Options.md
 rename Group Policies Objects/{Computer Configuration/System => }/Kernel DMA Protection.md (100%)
 rename Group Policies Objects/{Computer Configuration/System => }/Mitigation Options.md (100%)
 create mode 100644 Group Policies Objects/Parallels/Device Guard.md
 rename Group Policies Objects/{Computer Configuration/Parallels/Windows Time Service.md => Parallels/Windows Time Service (Parallels).md} (100%)
 rename Group Policies Objects/{Computer Configuration/Windows Components => }/Software Protection Platform.md (100%)

diff --git a/Group Policies Objects/Device Guard.md b/Group Policies Objects/Device Guard.md
index a76aba2..b8ba067 100644
--- a/Group Policies Objects/Device Guard.md	
+++ b/Group Policies Objects/Device Guard.md	
@@ -2,7 +2,7 @@
 
 `Computer Configuration\Administrative Templates\System\Device Guard`
 
-- Turn On Virtualization Based Security -> Enabled (**Only do this if you are running Windows on bare metal or with nested virtualization**)
+- Turn On Virtualization Based Security -> Enabled
 
 1. Select Platform Security Level: Secure Boot and DMA Protection
 2. Virtualization Based Protection of Code Integrity: Enabled with UEFI lock
diff --git a/Group Policies Objects/Gaming/Mitigation Options.md b/Group Policies Objects/Gaming/Mitigation Options.md
new file mode 100644
index 0000000..367e2b9
--- /dev/null
+++ b/Group Policies Objects/Gaming/Mitigation Options.md	
@@ -0,0 +1,5 @@
+# Mitigation Options
+
+`Computer Configuration\Administrative Templates\System\Mitigation Options`
+
+- Untrusted Font Blocking -> Disabled
\ No newline at end of file
diff --git a/Group Policies Objects/Computer Configuration/System/Kernel DMA Protection.md b/Group Policies Objects/Kernel DMA Protection.md
similarity index 100%
rename from Group Policies Objects/Computer Configuration/System/Kernel DMA Protection.md
rename to Group Policies Objects/Kernel DMA Protection.md
diff --git a/Group Policies Objects/Computer Configuration/System/Mitigation Options.md b/Group Policies Objects/Mitigation Options.md
similarity index 100%
rename from Group Policies Objects/Computer Configuration/System/Mitigation Options.md
rename to Group Policies Objects/Mitigation Options.md
diff --git a/Group Policies Objects/Parallels/Device Guard.md b/Group Policies Objects/Parallels/Device Guard.md
new file mode 100644
index 0000000..598e913
--- /dev/null
+++ b/Group Policies Objects/Parallels/Device Guard.md	
@@ -0,0 +1,5 @@
+# Device Guard
+
+`Computer Configuration\Administrative Templates\System\Device Guard`
+
+- Turn On Virtualization Based Security -> Disabled
\ No newline at end of file
diff --git a/Group Policies Objects/Computer Configuration/Parallels/Windows Time Service.md b/Group Policies Objects/Parallels/Windows Time Service (Parallels).md
similarity index 100%
rename from Group Policies Objects/Computer Configuration/Parallels/Windows Time Service.md
rename to Group Policies Objects/Parallels/Windows Time Service (Parallels).md
diff --git a/Group Policies Objects/Computer Configuration/Windows Components/Software Protection Platform.md b/Group Policies Objects/Software Protection Platform.md
similarity index 100%
rename from Group Policies Objects/Computer Configuration/Windows Components/Software Protection Platform.md
rename to Group Policies Objects/Software Protection Platform.md