Fast Microsoft recommended driver block rules update with automatic scheduled task
Microsoft recommended driver block rules in Windows are automatically updated starting with Windows 11 22H2, twice per year, but the list itself is updated more often. Microsoft provides ways to update them faster and out of the schedule. I've created a PowerShell script that does this automatically and you only need to run the script once, then it will create a scheduled task in Windows that runs every 7 days and renews the recommended drivers block list. # create a scheduled task that runs every 7 days if (-NOT (Get-ScheduledTask -TaskName "MSFT Driver Block list update" -ErrorAction SilentlyContinue)) { $action = New-ScheduledTaskAction -Execute 'Powershell.exe' ` -Argument '-NoProfile -WindowStyle Hidden -command "& {Invoke-WebRequest -Uri "https://aka.ms/VulnerableDriverBlockList" -OutFile VulnerableDriverBlockList.zip;Expand-Archive .\VulnerableDriverBlockList.zip -DestinationPath "VulnerableDriverBlockList" -Force;Rename-Item .\VulnerableDriverBlockList\SiPolicy_Enforced.p7b -NewName "SiPolicy.p7b" -Force;Copy-Item .\VulnerableDriverBlockList\SiPolicy.p7b -Destination "C:\Windows\System32\CodeIntegrity";$job = Start-Job -Name "Job1" -ScriptBlock { CiTool.exe -r };Start-Sleep -s 15;Stop-Job $job;Remove-Item .\VulnerableDriverBlockList -Recurse -Force;Remove-Item .\VulnerableDriverBlockList.zip -Force;}"' $TaskPrincipal = New-ScheduledTaskPrincipal -LogonType S4U -UserId $env:USERNAME -RunLevel Highest # trigger $Time = New-ScheduledTaskTrigger ` -Once -At (Get-Date).AddHours(3) ` -RepetitionInterval (New-TimeSpan -Days 7) ` # register the task Register-ScheduledTask -Action $action -Trigger $Time -Principal $TaskPrincipal -TaskPath "MSFT Driver Block list update" -TaskName "MSFT Driver Block list update" -Description "Microsoft Recommended Driver Block List update" # define advanced settings for the task $TaskSettings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -Compatibility Win8 -StartWhenAvailable -ExecutionTimeLimit (New-TimeSpan -Minutes 3) # add advanced settings we defined to the task Set-ScheduledTask -TaskPath "MSFT Driver Block list update" -TaskName "MSFT Driver Block list update" -Settings $TaskSettings } https://github.com/HotCakeX/Harden-Windows-Security/wiki/Fast-and-Automatic-Microsoft-Recommended-Driver-Block-Rules-updates
Blocking a number from being dialed - how do I do this?
To set up the situation, lets assume the tenant has received phishing emails where users are being told to remediate call XXX-XXX-XXXX for support. In order to help mitigate potential damages, blocking the number from being dialed in Teams and other phone systems we have control over. For Teams the only thing I could think of to address this would be to use a dial plan and set up a translation rule to redirect the number in the phishing email to one our company owns that hosts a pre-recorded message saying "This number was detected as a phishing attempt. We are preventing this number from being dialed." Does this sound doable? Am I missing something else that might be better to do? We are using Microsoft Calling Plans, in case this makes a difference in a solution for versus Direct Routing or Operator Connect in Teams. Thanks!
Block USB Drive by Serial Number
I would love to see the ability to block a USB drive by it's serial number in Defender. When you see a USB storage device as the origin of a new threat introduced on the network it would be great to block it so it cannot continue to spread. Notes: I do not want to block all USB drives. Auto USB actions already blocked.Microsoft Family safety feature is not working with Edge Android or stable on Windows 10
My account is the group's organizer, the Microsoft account that I've added to my family group, as a member has Windows 10 latest version 20H2 with Edge stable and Windows Defender on laptop. signed in with the same Microsoft account in Windows 10 and Edge profile. when I add a website to be blocked in here, it's never blocked, I can still access it on Windows 10 using Edge stable 87. does anyone have any experience with this that can help? only if you've done this before successfully.We can learn from arabian browser too. block websites
On such browser specific website are simply blocked. now the point is: edge could add such feature too. the user simply create some group of banned websites, and then we can activate it. we want to ban social? we click social and edge blocks such websites (maybe for 1 hour). Soon i will create a list of priority, so that for edge devs is easier to understand which in my opinion should be implemented first, otherwise they get lost a bit. for example this suggestions has priority 2-3 in a scala 1-10 (max). there are other extensions able to do that, or you can use mac apps. PS: brave, opera, maiar, avast, ghostbrowser have been informed about the various suggestions too (if maybe other user use multiple browser like i do). this doesn't mean that now all browser will implement the same. main suggestions will always be sent to edge and google first. i will submit the features to firefox too, but first i need to exclude already available options. You can find this suggestion on Chromium too: CHECKLATER --------------- All my other suggestions are here: https://link.ws/edgesuggestions Suggestions I liked from other user here: https://link.ws/othersuggestions Chromium suggestions list 1: https://link.ws/chrome1 and 2: https://link.ws/chrome2 From end 2020-10 all suggestions are written on both Edge and Chrome at the same time, suggestions before 2020-10 are available only on Chrome.
