NEWS.md 8.72 KB
Gabriel Moreau committed
# NEWS

## Version 3.14 (in progress)

The string `Tweak` has been added in front of the name of all tweak functions.
This means that preset files can no longer call standard PowerShell functions.
If such a call is needed, a specific tweak function must be written for it; this restriction exists for security reasons.
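
One way a preset dispatcher can enforce this rule, shown as an added PowerShell example (not SWMB's own code). It assumes the preset lists the short tweak name and the dispatcher prepends `Tweak`; `Invoke-PresetLine` and `TweakDisableDemoFeature` are hypothetical names.

```powershell
# Added illustration, not SWMB's code. All names below are constructed.
function TweakDisableDemoFeature { 'DisableDemoFeature applied' }   # sample tweak

function Invoke-PresetLine {
    param([Parameter(Mandatory)][string]$Line)

    # Drop trailing comments and surrounding whitespace (assumed preset syntax).
    $name = ($Line -replace '#.*$', '').Trim()
    if ($name -eq '') { return }

    # Accept only a bare identifier: no hyphen, space, pipe, semicolon or argument.
    if ($name -notmatch '^[A-Za-z][A-Za-z0-9_]*$') {
        Write-Warning "Rejected preset entry: '$name'"
        return
    }

    # Prepend the fixed prefix and resolve strictly as a function, so a preset
    # entry can only ever reach a function that was written as a tweak.
    $cmd = Get-Command -Name "Tweak$name" -CommandType Function -ErrorAction SilentlyContinue
    if ($null -eq $cmd) {
        Write-Warning "No tweak function for preset entry: '$name'"
        return
    }
    & $cmd
}

# Constructed preset content
$preset = @(
    'DisableDemoFeature   # resolves to TweakDisableDemoFeature'
    'prompt               # built-in function, but Tweakprompt does not exist'
    'Get-Date             # cmdlet name fails the identifier check'
    'DisableDemoFeature; Get-Date   # extra statement fails the identifier check'
)
$preset | ForEach-Object { Invoke-PresetLine -Line $_ }
```

Only the first entry runs; the other three are reported with `Write-Warning` and skipped.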

New presets/rules:

 * 2022/03/16 - `UninstallKasperskyEndpoint` ([see more](dists/uninstall-kaspersky/)) - use Custom configuration module
 * 2022/03/16 - `SetTargetRelease`/`UnsetTargetRelease` -> Set a fixed target Feature Update version ([see more](https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.WindowsUpdate::TargetReleaseVersion))
 * 2022/03/02 - `EnableClearPageFile`/`DisableClearPageFile` -> Clean PAGEFILE.SYS at shutdown
 * 2022/02/02 - `EnableASLR`/`DisableASLR` -> Address Space Layout Randomisation

The configuration overload modules `*-varOverload.psm1`
(e.g. `Custom-varOverload.psm1`) are now searched for in the current folder,
then in the `ProgramData` folder and then in the installation folder.
For each of these three cases, we start with the current folder,
then its `Modules` subfolder, and then we go back up to the root of the file system.
 * `(Get-Location).Path`  # `$PWD`
 * `$Env:ProgramData\SWMB`
 * Module Script Path  # `$Env:ProgramFiles\SWMB\Modules\SWMB`
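
The search order described above, spelled out as an added PowerShell example (not SWMB's own code) that lists every candidate path in order, so an administrator can see which file would be picked up first. It assumes that at each level of the upward walk both the folder and its `Modules` subfolder are checked; the function name `Get-OverloadCandidate` is hypothetical.

```powershell
# Added illustration, not SWMB's code.
function Get-OverloadCandidate {
    param(
        [string]$ModuleName = 'Custom-varOverload.psm1',
        # Installation folder as written in the list above; adjust if SWMB lives elsewhere.
        [string]$InstallPath = (Join-Path $Env:ProgramFiles 'SWMB\Modules\SWMB')
    )

    # The three starting points, in the documented order.
    $bases = @(
        (Get-Location).Path,
        (Join-Path $Env:ProgramData 'SWMB'),
        $InstallPath
    )

    $rank = 0
    foreach ($base in $bases) {
        $dir = $base
        while ($dir) {
            # Assumption: at each level, the folder first, then its Modules subfolder.
            foreach ($folder in @($dir, (Join-Path $dir 'Modules'))) {
                $path = Join-Path $folder $ModuleName
                $rank++
                [pscustomobject]@{
                    Rank   = $rank
                    Base   = $base
                    Path   = $path
                    Exists = Test-Path -LiteralPath $path -PathType Leaf
                }
            }
            # Split-Path returns an empty string at the drive root, which ends the walk.
            $dir = Split-Path -Path $dir -Parent
        }
    }
}

# Show only the candidates that actually exist, first match on top.
Get-OverloadCandidate | Where-Object Exists | Format-Table -AutoSize
```

Any listed location that non-administrators can write to deserves a look, since a module found earlier in the list takes precedence over the installed one.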

The `Custom.psm1` module is now loaded by default.
The `SWMB_ImportModuleParameter` function has been moved from `SWMB.psm1`
to the Custom module (no other choice was found) and this module is loaded
first in the list of nested modules (see `SWMB.psd1`).
In case the `-core` option is used on the `swmb.ps1` command line,
you must load the Custom module in order for the `SWMB_ImportModuleParameter`
function to be used.

Many tweaks had not been classified in preset files.
This work on all the latest tweaks is already well underway.

## Version 3.13 (2021/11/22)

Add a setup file: just run `make pkg` under Linux (a `Makefile` has been added).
Continuous integration builds the package
([here](https://resinfo-gt.pages.in2p3.fr/swmb/resinfo-swmb/)).
A Zip file is created for OCS Inventory.
A Zip file is also created for the WAPT package.
You can use it as-is.

Add a minimal UI with the `wisemoui.ps1` program. Launch it via the Start Menu.

Automatically search for the `Overload` and `Autodel` modules in the `C:\ProgramData\SWMB` folder
(and its `Modules` subfolder).

Create two tasks:

 * `CurrentUser-Logon.ps1` - Execute at user logon `C:\ProgramData\SWMB\Presets\CurrentUser-Logon.preset`
 * `LocalMachine-Boot.ps` - Execute at boot `C:\ProgramData\SWMB\Presets\LocalMachine-Boot.preset`

If a module with the same name exists in `C:\ProgramData\SWMB\Modules`, it will be launched.

An event is written to the Application event log at the beginning and at the end.
Output is redirected to a log file inside the folder `C:\ProgramData\SWMB\Logs`.

Two presets `CurrentUser-Logon-Test.preset` and `LocalMachine-Boot-Test.preset`
are copied to the folder `C:\ProgramData\SWMB\Presets`.
They can serve as tests or as simple examples.

Two presets [CurrentUser-Logon-Recommanded.preset](Presets/CurrentUser-Logon-Recommanded.preset)
and [LocalMachine-Boot-Recommanded.preset](Presets/LocalMachine-Boot-Recommanded.preset)
are copied to the folder `C:\ProgramData\SWMB\Presets`
with the names `CurrentUser-Logon.preset` and `LocalMachine-Boot.preset`.
They are executed at logon (account SYSTEM) and at boot (account CurrentUser).
Configuration tweaks are thus performed on any workstation that installs SWMB.
These tweaks are selected by the SWMB working group (RESINFO).
The default boot preset is not empty.
If you don't want any tweaks, replace these two files with empty ones
or don't activate them with the installer.
On the command line you can do this with:
```ps1
SWMB-Setup-XXX.exe /S /ACTIVATED_PRESET=0
```
Any value other than 0 (or nothing) will activate the default preset.

New presets/rules:

 * 2021/10/21 - `$PRESET` and `$IMPORT` can now open files by absolute or relative path (previously only relative paths were possible)
 * 2021/10/21 - `$PRESET` replaces `$INCLUDE` to include a preset file.
 * 2021/10/20 - `SysCheckpoint` - Make a system checkpoint if possible (max one per day)
 * 2021/10/19 - `$INCLUDE` (`$PRESET`) and `$IMPORT` can open file names with spaces in the path. Enclose the string in double quotes `"`.
 * 2021/10/16 - `SysBox` - Like `SysMessage` but opens a box (experimental)
 * 2021/10/15 - `SysEvent` - Like `SysMessage` but sends an event
 * 2021/10/11 - `$IMPORT` - Like `$PRESET` but imports a module from a preset file

New CLI parameter:

 * `-import` replaces `-include` to be clearer,
   just as `$PRESET` replaces `$INCLUDE` in preset files.
   The word `include` is no longer used because it sometimes referred to modules and sometimes to preset files.
 * `-hash filename` makes a hash of the tweak list (preset)
   and compares it with the old hash stored in filename.
   If the hashes differ, a system checkpoint is performed.
   A folder `Caches` is created in `C:\ProgramData\SWMB`
   to store all the hashes.
 * `-version` prints the program version.

New module architecture: the `Win10-` prefix has been replaced by `LocalMachine-`.
This is better suited to the new Windows 11 operating system.

## Version 3.12 (2021/09/14)

Rename the main program `Win10.ps1` to `swmb.ps1`.
Add a compatibility program for upgrades (`Win10.ps1`).

New module architecture:

 * `Modules/SWMB.psd1` - Generic preload module (`Modules/SWMB.psm1`)
 * `Modules/SWMB/Custom.psm1` - Additional rules with parameters
 * `Modules/SWMB/Resinfo.psm1` - ANSSI rules
 * `Modules/SWMB/Experimental.psm1` - Experimental rules
 * `Modules/SWMB/Win10-*.psm1` - Initial module from Disassembler0
 * `Modules/SWMB/CurrentUser-*.psm1` - Initial module from Disassembler0 based on HKCU
 * `Modules/SWMB/TemporaryBypass.psm1` - Temporary Bypass Strategy Module

The parameter module now uses a global hash table (via the `*-VarOverload.psm1` plugin).
Automatically search for the `Overload` variable module in the parent folder.
Added support for the `Autodel` plugin in addition to the `Overload` plugin.
As the name suggests, the plugin file `*-VarAutodel.psm1` is deleted right after loading.

Add `View*` functions to help debugging

New dists:

 * [crypt-with-bitlocker](./dists/crypt-with-bitlocker/)

New CLI parameter:

 * `-core`  - Load minimal SWMB code module. Must be the first parameter
 * `-check` - Check for duplicated tweak preset and tweak implementations. Do not execute any preset
 * `-exp`  - Load Experimental module (add Experimental feature)

New preset selection:

 * `Post-Install.preset` - Enable Bitlocker after installation
 * `Current-User.preset` - Preset for Current User and not Local Machine
 * `System-Resinfo.preset` - Preset on system and network
 * `LocalMachine-*.preset` - Rename `*-Resinfo.preset` file for local machine tweak
 * `LocalMachine-Default.preset` - New global preset file with `$INCLUDE` directive

Preset files can now include other files with the `$INCLUDE` directive.

New presets/rules:

 * 2021/09/10 - `DisableMSHTMLActiveX`/`EnableMSHTMLActiveX`/`View...` Disable ActiveX in MSHTML (Internet Explorer) CVE-2021-40444
 * 2021/08/28 - `DisableAutoloadDriver`/`EnableAutoloadDriver` -> Zero day on autoload driver on network
 * 2021/07/10 - `SysRequireAdmin` replaces `RequireAdmin`
 * 2021/07/07 - `SysAutoUpgrade` - Auto Upgrade your SWMB folder! Need an internet access to the Git repository
 * 2021/07/02 - `DisablePrintForSystem`/`EnablePrintForSystem`/`ViewPrintForSystem` -> Pseudo patch for CVE-2021-34527
 * 2021/06/14 - `EnableInsecureGuestLogons`/`DisableInsecureGuestLogons` -> Disabled by default
 * 2021/06/13 - `DisableSMB1Protocol`/`EnableSMB1Protocol` -> SMBv1 protocol
 * 2021/06/13 - `DisableSMB1`/`EnableSMB1` rename -> `DisableSMB1Server`/`EnableSMB1Server`
 * 2021/06/05 - `SetNTPConfig`/`UnsetNTPConfig` - NTP service configuration
 * 2021/06/05 - `EnableGodMod_CU`/`EnableGodMod_CU` - God Mod for Current user
 * 2021/06/05 - Rename `Restart` -> `SysRestart` and `WaitForKey` -> `SysPause`
 * 2021/06/05 - `SysHalt` - Halt the computer instead of rebooting
 * 2021/06/04 - `SysMessage` - Just write a message on terminal for debugging purpose (like WaitForKey)
 * 2021/06/04 - `DisableUWPAccessLocation`/`EnableUWPAccessLocation` - Let UWP Apps Access Location
 * 2021/06/01 - `DisableWindowsFeeds`/`EnableWindowsFeeds` - News and Interests on Taskbar
 * 2021/05/12 - `EnableBitlocker`/`DisableBitlocker` - Encrypt hard drive with BitLocker
 * 2021/04/29 - `DisableWindowsHello`/`EnableWindowsHello` - Windows Hello Authentication


## Version 3.11 (never published)

All ANSSI rules integration.

First parameter module implementation with global variable.

New dists folder with use case examples.

New preset selection:

 * `Cloud-Resinfo.preset`
 * `CortanaSearch-Resinfo.preset`
 * `Post-Install.preset`
 * `Telemetry-Resinfo.preset`
 * `UniversalApps-Resinfo.preset`
 * `UserExperience-Resinfo.preset`


## Version 3.10

Initial version from Disassembler0 `Win10-Initial-Setup-Script` project