Forum Discussion
CIS Benchmark Assessment fails on Defender settings on Security Baseline 23H2
With the November 2021 Security Baseline, my device passed all but one setting on the CIS Benchmark Assessment. After applying Security Baseline 23H2, I am failing all of them. See CIS Benchmark Assessment.png for the comparison.
I found that something in the 23H2 Security Baseline is blocking access to the HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Windows Defender\Policy Manager folder in the registry. See attached screenshot. Since the CIS Assessment cannot access the settings to verify them, it gives us a fail on all of the Defender settings. When I go back to the November 2021 baseline, I can see all the settings in the folder.
I've reviewed every setting in the 23H2 baseline to see what would cause this and cannot find anything. Any suggestions would be greatly appreciated. Right now, it seems safer to stay on the November 2021 baseline.