xstefen/winutil
1
0
Fork 0
mirror of https://github.com/ChrisTitusTech/winutil.git synced 2024-11-14 22:55:52 -06:00
Code Issues Packages Projects Releases Wiki Activity
d441952e5e
winutil/functions/public/Invoke-WPFUpdatessecurity.ps1
Mr.k 3903eaaa24
Code Formatting of Repo - Add Preprocessing to Compilation Process - Introduction of Dev/Build Tools to WinUtil (Although very simple at the moment) (#2383) 
* Replace Tabs with Spaces to follow the conventions

* Add Preprocessing in Compiler

* Compile from Anywhere you want - Running 'Compile.ps1' Works in any directory you call it from

* Code Formatting Changes

* Result of Preprocessing Step in 'Compile.ps1' Script - Remove Trailing Whitespace Characters

* Make Preprocessing more advanced

* Move Preprocessing to a separate script file

* Make Self Modification impossible for 'tools/Do-PreProcessing.ps1' Script - Make the workingdir same as sync.PSScriptRoot for consistency

* Revert commit b5dffd671f

* Patched a Bug of some Excluded Files not actually get excluded in 'Get-ChildItem' PS Cmdlet

* Update Replace Regex for Code Formatting in 'Do-PreProcessing' Script Tool

* Rename 'Do-PreProcessing' to 'Invoke-Preprocessing' - Update some Comments

* Make 'Invoke-Preprocessing' Modular - Update RegEx to handle more cases - Update Documentation - Add Validations & Useful feedback upon error

* Replace Tabs with Spaces to follow the conventions - 'applications.json' File

* Code Formatting Changes - 'Copy-Files' Private Function

* Update Replace Regex for Code Formatting in 'Invoke-Preprocessing' Script Tool

* Replace Tabs with Spaces to follow the conventions - Make 'ExcludedFiles' validation step check all filepaths before finally checking if any has failed

* Result of 'Invoke-Preprocessing' Script

* Update Replace Regex for Code Formatting in 'Invoke-Preprocessing' Script Tool
2024-08-06 15:35:17 -05:00

54 lines
3.5 KiB
PowerShell
Raw Blame History

function Invoke-WPFUpdatessecurity {
<#
.SYNOPSIS
Sets Windows Update to recommended settings
.DESCRIPTION
1. Disables driver offering through Windows Update
2. Disables Windows Update automatic restart
3. Sets Windows Update to Semi-Annual Channel (Targeted)
4. Defers feature updates for 365 days
5. Defers quality updates for 4 days
#>
Write-Host "Disabling driver offering through Windows Update..."
If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Device Metadata")) {
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Device Metadata" -Force | Out-Null
}
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Device Metadata" -Name "PreventDeviceMetadataFromNetwork" -Type DWord -Value 1
If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DriverSearching")) {
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DriverSearching" -Force | Out-Null
}
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DriverSearching" -Name "DontPromptForWindowsUpdate" -Type DWord -Value 1
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DriverSearching" -Name "DontSearchWindowsUpdate" -Type DWord -Value 1
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DriverSearching" -Name "DriverUpdateWizardWuSearchEnabled" -Type DWord -Value 0
If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate")) {
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" | Out-Null
}
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" -Name "ExcludeWUDriversInQualityUpdate" -Type DWord -Value 1
Write-Host "Disabling Windows Update automatic restart..."
If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU")) {
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Force | Out-Null
}
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Name "NoAutoRebootWithLoggedOnUsers" -Type DWord -Value 1
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Name "AUPowerManagement" -Type DWord -Value 0
Write-Host "Disabled driver offering through Windows Update"
If (!(Test-Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings")) {
New-Item -Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" -Force | Out-Null
}
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" -Name "BranchReadinessLevel" -Type DWord -Value 20
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" -Name "DeferFeatureUpdatesPeriodInDays" -Type DWord -Value 365
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" -Name "DeferQualityUpdatesPeriodInDays" -Type DWord -Value 4
$ButtonType = [System.Windows.MessageBoxButton]::OK
$MessageboxTitle = "Set Security Updates"
$Messageboxbody = ("Recommended Update settings loaded")
$MessageIcon = [System.Windows.MessageBoxImage]::Information
[System.Windows.MessageBox]::Show($Messageboxbody, $MessageboxTitle, $ButtonType, $MessageIcon)
Write-Host "================================="
Write-Host "-- Updates Set to Recommended ---"
Write-Host "================================="
}
Reference in New Issue View Git Blame Copy Permalink