Skip to content

Commit

Permalink
Update RegistryPath for ID 18.9.45.3.1
Browse files Browse the repository at this point in the history
  • Loading branch information
@0x6d69636b
0x6d69636b committed Apr 19, 2021
1 parent 5f90166 commit 8123d89
Show file tree
Hide file tree
Showing 7 changed files with 7 additions and 7 deletions.
2 changes: 1 addition & 1 deletion lists/finding_list_cis_microsoft_windows_10_enterprise_1809_machine.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -512,7 +512,7 @@ strength (for removable data drives)",Registry,,HKLM:\Software\Policies\Microsof
18.9.69.3,"Administrative Templates: Windows Components","Store: Turn off Automatic Download and Install of updates",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore,AutoDownload,,,,,4,=,Medium
18.9.69.4,"Administrative Templates: Windows Components","Store: Turn off the offer to update to the latest version of Windows",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore,DisableOSUpgrade,,,,,1,=,Medium
18.9.69.5,"Administrative Templates: Windows Components","Store: Turn off the Store application",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore,RemoveWindowsStore,,,,,1,=,Medium
18.9.77.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsDefender\Spynet,LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.77.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.77.3.2,"Microsoft Defender Antivirus","MAPS: Join Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",SpynetReporting,,,,,0,=,Medium
18.9.77.7.1,"Microsoft Defender Antivirus","Real-time Protection: Turn on behavior monitoring (Policy)",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection",DisableBehaviorMonitoring,,,,,0,=,Medium
18.9.77.9.1,"Microsoft Defender Antivirus","Reporting: Configure Watson events",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting",DisableGenericRePorts,,,,,1,=,Medium
Expand Down
2 changes: 1 addition & 1 deletion lists/finding_list_cis_microsoft_windows_10_enterprise_1903_machine.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -511,7 +511,7 @@ ID,Category,Name,Method,MethodArgument,RegistryPath,RegistryItem,ClassName,Names
18.9.69.3,"Administrative Templates: Windows Components","Store: Turn off Automatic Download and Install of updates",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore,AutoDownload,,,,,4,=,Medium
18.9.69.4,"Administrative Templates: Windows Components","Store: Turn off the offer to update to the latest version of Windows",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore,DisableOSUpgrade,,,,,1,=,Medium
18.9.69.5,"Administrative Templates: Windows Components","Store: Turn off the Store application",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore,RemoveWindowsStore,,,,,1,=,Medium
18.9.77.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsDefender\Spynet,LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.77.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.77.3.2,"Microsoft Defender Antivirus","MAPS: Join Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",SpynetReporting,,,,,0,=,Medium
18.9.77.7.1,"Microsoft Defender Antivirus","Real-time Protection: Turn on behavior monitoring (Policy)",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection",DisableBehaviorMonitoring,,,,,0,=,Medium
18.9.77.9.1,"Microsoft Defender Antivirus","Reporting: Configure Watson events",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting",DisableGenericRePorts,,,,,1,=,Medium
Expand Down
2 changes: 1 addition & 1 deletion lists/finding_list_cis_microsoft_windows_10_enterprise_1909_machine.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -511,7 +511,7 @@ ID,Category,Name,Method,MethodArgument,RegistryPath,RegistryItem,ClassName,Names
18.9.69.3,"Administrative Templates: Windows Components","Store: Turn off Automatic Download and Install of updates",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore,AutoDownload,,,,,4,=,Medium
18.9.69.4,"Administrative Templates: Windows Components","Store: Turn off the offer to update to the latest version of Windows",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore,DisableOSUpgrade,,,,,1,=,Medium
18.9.69.5,"Administrative Templates: Windows Components","Store: Turn off the Store application",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore,RemoveWindowsStore,,,,,1,=,Medium
18.9.77.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsDefender\Spynet,LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.77.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.77.3.2,"Microsoft Defender Antivirus","MAPS: Join Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",SpynetReporting,,,,,0,=,Medium
18.9.77.7.1,"Microsoft Defender Antivirus","Real-time Protection: Turn on behavior monitoring (Policy)",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection",DisableBehaviorMonitoring,,,,,0,=,Medium
18.9.77.9.1,"Microsoft Defender Antivirus","Reporting: Configure Watson events",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting",DisableGenericRePorts,,,,,1,=,Medium
Expand Down
2 changes: 1 addition & 1 deletion lists/finding_list_cis_microsoft_windows_10_enterprise_2004_machine.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -468,7 +468,7 @@ ID,Category,Name,Method,MethodArgument,RegistryPath,RegistryItem,ClassName,Names
18.9.39.1,"Administrative Templates: Windows Components","Location and Sensors: Turn off location",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors,DisableLocation,,,,0,1,=,Medium
18.9.43.1,"Administrative Templates: Windows Components","Messaging: Allow Message Service Cloud Sync",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\Windows\Messaging,AllowMessageSync,,,,1,0,=,Medium
18.9.44.1,"Administrative Templates: Windows Components","Microsoft account: Block all consumer Microsoft account user authentication",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftAccount,DisableUserAuth,,,,,1,=,Medium
18.9.45.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsDefender\Spynet,LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.45.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.45.3.2,"Microsoft Defender Antivirus","MAPS: Join Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",SpynetReporting,,,,,0,=,Medium
18.9.45.4.1.1,"Microsoft Defender Exploit Guard","Attack Surface Reduction rules",Registry,,"HKLM:\Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR",ExploitGuard_ASR_Rules,,,,0,1,=,Medium
18.9.45.4.1.2.1.1,"Microsoft Defender Exploit Guard","ASR: Block Office applications from creating child processes (Policy)",Registry,,"HKLM:\Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR\rules",d4f940ab-401b-4efc-aadc-ad5f3c50688a,,,,0,1,=,Medium
Expand Down
2 changes: 1 addition & 1 deletion lists/finding_list_cis_microsoft_windows_10_enterprise_2009_machine.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -469,7 +469,7 @@ ID,Category,Name,Method,MethodArgument,RegistryPath,RegistryItem,ClassName,Names
18.9.39.1,"Administrative Templates: Windows Components","Location and Sensors: Turn off location",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors,DisableLocation,,,,0,1,=,Medium
18.9.43.1,"Administrative Templates: Windows Components","Messaging: Allow Message Service Cloud Sync",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\Windows\Messaging,AllowMessageSync,,,,1,0,=,Medium
18.9.44.1,"Administrative Templates: Windows Components","Microsoft account: Block all consumer Microsoft account user authentication",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftAccount,DisableUserAuth,,,,,1,=,Medium
18.9.45.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsDefender\Spynet,LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.45.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.45.3.2,"Microsoft Defender Antivirus","MAPS: Join Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",SpynetReporting,,,,,0,=,Medium
18.9.45.4.1.1,"Microsoft Defender Exploit Guard","Attack Surface Reduction rules",Registry,,"HKLM:\Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR",ExploitGuard_ASR_Rules,,,,0,1,=,Medium
18.9.45.4.1.2.1.1,"Microsoft Defender Exploit Guard","ASR: Block Office applications from creating child processes (Policy)",Registry,,"HKLM:\Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR\rules",d4f940ab-401b-4efc-aadc-ad5f3c50688a,,,,0,1,=,Medium
Expand Down
2 changes: 1 addition & 1 deletion lists/finding_list_cis_microsoft_windows_server_2019_1809_1.1.0_machine.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -349,7 +349,7 @@ ID,Category,Name,Method,MethodArgument,RegistryPath,RegistryItem,ClassName,Names
18.9.61.2,"Administrative Templates: Windows Components","Search: Allow Cloud Search",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search",AllowCloudSearch,,,,1,0,=,Medium
18.9.61.3,"Administrative Templates: Windows Components","Search: Allow indexing of encrypted files",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search",AllowIndexingEncryptedStoresOrItems,,,,1,0,=,Medium
18.9.66.1,"Administrative Templates: Windows Components","Software Protection Platform: Turn off KMS Client Online AVS Validation",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\Software Protection Platform",NoGenTicket,,,,,1,=,Medium
18.9.77.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsDefender\Spynet,LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.77.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.77.3.2,"Microsoft Defender Antivirus","MAPS: Join Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",SpynetReporting,,,,,0,=,Medium
18.9.77.7.1,"Microsoft Defender Antivirus","Real-time Protection: Turn on behavior monitoring (Policy)",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection",DisableBehaviorMonitoring,,,,,0,=,Medium
18.9.77.9.1,"Microsoft Defender Antivirus","Reporting: Configure Watson events",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting",DisableGenericRePorts,,,,,1,=,Medium
Expand Down
2 changes: 1 addition & 1 deletion lists/finding_list_cis_microsoft_windows_server_2019_1809_1.2.0_machine.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -331,7 +331,7 @@ ID,Category,Name,Method,MethodArgument,RegistryPath,RegistryItem,ClassName,Names
18.9.39.1,"Administrative Templates: Windows Components","Location and Sensors: Turn off location",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors,DisableLocation,,,,0,1,=,Medium
18.9.43.1,"Administrative Templates: Windows Components","Messaging: Allow Message Service Cloud Sync",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\Windows\Messaging,AllowMessageSync,,,,1,0,=,Medium
18.9.44.1,"Administrative Templates: Windows Components","Microsoft account: Block all consumer Microsoft account user authentication",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftAccount,DisableUserAuth,,,,,1,=,Medium
18.9.45.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,HKLM:\SOFTWARE\Policies\Microsoft\WindowsDefender\Spynet,LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.45.3.1,"Microsoft Defender Antivirus","MAPS: Configure local setting override for reporting to Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",LocalSettingOverrideSpynetReporting,,,,,0,=,Medium
18.9.45.3.2,"Microsoft Defender Antivirus","MAPS: Join Microsoft MAPS",Registry,,"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet",SpynetReporting,,,,,0,=,Medium
18.9.45.4.1.1,"Microsoft Defender Exploit Guard","Attack Surface Reduction rules",Registry,,"HKLM:\Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR",ExploitGuard_ASR_Rules,,,,0,1,=,Medium
18.9.45.4.1.2.1.1,"Microsoft Defender Exploit Guard","ASR: Block Office applications from creating child processes (Policy)",Registry,,"HKLM:\Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR\rules",d4f940ab-401b-4efc-aadc-ad5f3c50688a,,,,0,1,=,Medium
Expand Down

0 comments on commit 8123d89

Please sign in to comment.