Articles

How to install windows Sandbox with PowerShell

Image
Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine. A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Note, however, that as of Windows 11 Build 22509, your data will persist through a restart initiated from inside the virtualized environment useful for installing applications that require the OS to reboot. Software and applications installed on the host aren't directly available in the sandbox. If you need specific applications available inside the Windows Sandbox environment, they must be explicitly installed within the environment. Sources :  https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview Script presentation Scri

How to enable nested virtualization in Hyper-V virtual machine on Windows 11

Image
Nested virtualization is a feature available on Hyper-V from Windows Server 2016 and Windows 10, which enables virtualization options within a virtual machine. This option is very useful when setting up a lab on Hyper-V to test components like Windows Sandbox in the virtual machine for example. Prerequisites The Hyper-V host must be under Windows Server 2016/2019 or Windows 10 1607 or +. The virtual machine must be under Windows Server 2016/2019 or Windows 10 1607 or +.      Intel processor with VT-x and EPT technology Hyper-V host with Windows Server 2016/Windows 10 or later Virtual machine configuration version 8.0 or later      AMD EPYC/Ryzen processor or later Hyper-V host with Windows Server 2022/Windows 11 or later Setting up a 10.0 or later virtual machine Nested virtualization activation Open PowerShell console with Admin Right Execute this command line Set-VMProcessor -VMName VMNAME -ExposeVirtualizationExtensions $true    For obtained the VM list available on your computer

How to configure Credential Guard with MS Intune

Image
Windows Defender Credential Guard, introduced with Windows 10, uses virtualization-based security to containerize the LSASS authentication process.   This solution protects you from credential harvesting by running LSASS in a separate virtual machine on the client to prevent an attacker from collecting your credentials by dumping, for example, the authentication process that stores your NTLM and Kerberos credentials. Prerequisites  Windows Defender Credential Guard: Support for Virtualization-based security (required) Secure boot (required) TPM 1.2 or 2.0, either discrete or firmware (preferred – provides binding to hardware) UEFI lock (preferred – prevents attacker from disabling with a simple registry key change) The Virtualization-based security requires: 64-bit CPU CPU virtualization extensions plus extended page tables Windows hypervisor (does not require Hyper-V Windows Feature to be installed) Credential Guard configuration with Microsoft Intune Go to https://endpoint.microsoft.

Windows 365 Black Screen with Please Wait mention

Image
When using the Windows 365 solution and you connect with Remote Desktop App or the web portal, you may encounter the following problem, the virtual machine remains frozen on the screen below : This bug can be linked to several factors such as:  a network outage problem during the execution of the boot of the virtual machine other issue Resolution In this case, the first thing to do is to try to restart the virtual machine, by performing the actions below: Connect to  https://windows365.microsoft.com/ Click on Manage Cloud PC and Restart Validate Restart  Your cloud PC is ready , You can now connect.

How to reset computer in OOBE mode

Image
When you receive a new computer, it may contain various applications that are useless in a business context. To solve this problem and start with a clean PC, it may be interesting to reset it.  Here is two procedures that can be performed in OOBE mode Manual process Click CTRL + Shift + F3 , your computer restart. The Windows session is automatically opened Go to Start Menu \ Parameters \ Update & Security \ Recovery and click on Get Started Select Remove everything Select Local reinstall Click Next Click Reset Your computer restarts and proceeds to a complete reinstallation. With Command Line Click  Shift + F10 , your computer restart. Used this command line : systemreset -factoryreset Select Remove everything Select Remove files and clean the drive Click Reset Your computer restarts and proceeds to a complete reinstallation.

Windows 11 security check with Powershell

Image
Presentation This script provides an overview of the status of the various security components integrated into Windows 10 and 11. Github link : https://github.com/ChrisMogis/Win11_Security_Check When running the script, we check for the following: Windows Defender Windows Firewall Secure Boot Bitlocker Windows Updates Windows Hypervisor Credential Guard Device Guard App Guard As well as the status of the following protocols : SMB v1 TLS1.2 SSL 2.0 SSL3.0 PCT 1.0 WDigest LLMNR HVCI Execution Command line :  powershell.exe -executionpolicy ByPass -file .\W11_Security_Check.ps1 Other information The script will evolve in the coming weeks and integrate the remediation part.

How to disable Internet Explorer on Windows 10 Client with Microsoft Intune

Image
Disable Internet Explorer on Windows 10 Client For obvious security reasons, it is essential to disactivate Internet Explorer on all computers in your IT infrastructure. In this article, i'm going to explain all steps for disable Internet Explorer on Windows 10 client.  source :  https://docs.microsoft.com/en-us/deployedge/edge-ie-disable-ie11 Process Open the Microsoft Intune Console : https://Endpoint.microsoft.com Select Devices / Windows / Configuration profiles  Click Create profile Select platform,  Profile type and Custom Enter a name select Add  Enter this informations Name :  Disable Internet Explorer 11 Description :  Disable Internet Explorer for all computers OMA-URI :  ./Device/Vendor/MSFT/Policy/Config/InternetExplorer/DisableInternetExplorerApp Data type : String Value :  <enabled/><data id="NotifyDisableIEOptions" value="2"/> Click Save and Next  Select device group for assignment and click Next In applicability Rules, click Next R