Shift F10 During OOBE of Autopilot - Disable?

Senior Member

Hello All, 

 

So, making a long story short - Our security team is doing a review of Autopilot and its functions.   One of their major sticking points is how anyone can hit Shift F10 - open command prompt and or PowerShell and then essentially install just about anything they want before our company security applications and policies are in place.    

 

Has anyone found a solid way to potentially disable Shift F10 and or dramatically limit it for most users?

 

I've seen a couple articles, but they all are placing a flag file that gets removed after the reset so, the shift F10 door is still open as soon as the PC gets in to OOBE mode. 

1 Reply
It depends... when using push button reset features ,you can make sure its disabled even after performing a reset from intune or the device itself

https://call4cloud.nl/2022/01/the-oobe-massacre-the-beginning-of-shift-f10/

Of course putting in an USB stick to wipe the device will still work....