Logon settings

Signed-off-by: Tommy <contact@tommytran.io>
CVE-2023-24932
2024-11-22 08:01:46 -05:00 · 2024-01-06 22:37:58 -07:00 · 2024-01-06 22:05:54 -07:00
2 changed files with 16 additions and 1 deletions
--- a/Policy/Logon.md
+++ b/Policy/Logon.md
@ -0,0 +1,7 @@
+# Logon
+
+`Computer Configuration\Policies\Administrative Templates\System\Logon`
+
+- Turn off picture password sign-in -> Enabled
+- Show first sign-in animation -> Disabled (Not a security or privacy thing, it is just annoying)
+- Enumerate local users on domain-joined computers -> Enabled (Not a security or privacy thing, it just makes things more convenient for me)
--- a/Policy/Registries.md
+++ b/Policy/Registries.md
@ -6,4 +6,12 @@

 DisableCoInstallers -> REG_DWORD -> 1

-https://www.bleepingcomputer.com/news/microsoft/how-to-block-windows-plug-and-play-auto-installing-insecure-apps/
+https://www.bleepingcomputer.com/news/microsoft/how-to-block-windows-plug-and-play-auto-installing-insecure-apps/
+
+## CVE-2023-24932
+
+`HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Secureboot`
+
+AvailableUpdates -> REG_DWORD -> 30
+
+https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d
Author	SHA1	Message	Date
Tommy	2f0ff65e76	Logon settings Signed-off-by: Tommy <contact@tommytran.io>	2024-01-06 22:37:58 -07:00
Tommy	4c8b1503d1	CVE-2023-24932 Signed-off-by: Tommy <contact@tommytran.io>	2024-01-06 22:05:54 -07:00