Forum Discussion

MEB2004's avatar
MEB2004
Copper Contributor
Aug 23, 2024

CIS Benchmark Assessment fails on Defender settings on Security Baseline 23H2

With the November 2021 Security Baseline, my device passed all but one setting on the CIS Benchmark Assessment. After applying Security Baseline 23H2, I am failing all of them. See CIS Benchmark Assessment.png for the comparison.

 

I found that something in the 23H2 Security Baseline is blocking access to the HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Windows Defender\Policy Manager folder in the registry. See attached screenshot. Since the CIS Assessment cannot access the settings to verify them, it gives us a fail on all of the Defender settings. When I go back to the November 2021 baseline, I can see all the settings in the folder.

 

I've reviewed every setting in the 23H2 baseline to see what would cause this and cannot find anything. Any suggestions would be greatly appreciated. Right now, it seems safer to stay on the November 2021 baseline.

No RepliesBe the first to reply

Resources