MicrosoftTwo general questions / remarks
1. When looking at hardened UNC paths, https://support.microsoft.com/en-us/topic/ms15-011-vulnerability-in-group-policy-could-allow-remote-code-execution-february-10-2015-91b4bda2-945d-455b-ebbb-01d1ec191328 states the value as follows: "value1, value2" [with a space character after the comma]
The GPOs, however follow this scheme "value1,value2". [no space] While this doesn't make a difference technically, this leads to inconsitencies when comparing against other standards like CIS, that abide the documentation. Also this does not pass CIS CAT assessor and tenable tests relying on CIS (when I last checked)
2. I don't understand the benefit of configuring Policyversion to 538 for HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall
I have yet to find an answer to this topic, so far I only found people with the same question, but no proper answers, yet.
Is there anyone that can shed some light here?
https://answers.microsoft.com/en-us/windows/forum/all/policy-analyzer-windows-firewall-policy-version/e8fedf8e-8828-4bb2-ae05-27fdb92a216d
