Proactive Remediations - Security Recommendations Defender Endpoint

Hello, Really stupid question - has anybody written detection and remediation PowerShell scripts for the following 1. Disable Adobe Flash - Adobe DC Reader 2. Disable Java Script - Adobe DC R...

Mobile Device Management (MDM)

Lassaad

Brass Contributor

braedachau

Hello ,

#Disable autorun/autoplay on all drives
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Explorer" /v NoAutoplayfornonVolume /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 255 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoAutorun /t REG_DWORD /d 1 /f

#Disable Flash on Adobe Reader DC : Flash is an unsecure technology with many known vulnerabilities
REG ADD "HKLM\SOFTWARE\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown" /v bEnableFlash /t REG_DWORD /d 0 /f

#Disable JavaScript on Adobe Reader DC
reg add "HKLM\SOFTWARE\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown" /v bDisableJavaScript /t REG_DWORD /d 00000001 /f

braedachau

Brass Contributor

Jun 04, 2021

Lassaad,

Pretty sure I got this covered but I'll check it all again, see here. Thanks.

https://github.com/Braedach/Intune-Registry-Scripts

Forum Discussion

Proactive Remediations - Security Recommendations Defender Endpoint

Share

Resources