Windows 10: Implementing Security Baseline through Intune

Discus and support Implementing Security Baseline through Intune in Windows 10 Gaming to solve the problem; Recently I applied a security base through Intune for my company. The setting was Firewall >> Default Outbound Connection >> Blocked For Domain, Public... Discussion in 'Windows 10 Gaming' started by Nitesh Sinha1, Aug 7, 2024.

  1. NITESH SINHA1
    Nitesh Sinha1 Win User

    Implementing Security Baseline through Intune


    Recently I applied a security base through Intune for my company. The setting was Firewall >> Default Outbound Connection >> Blocked For Domain, Public and Private Profile. As we applied the settings all PCs lost Network Connectivity. They would not connect to Corporate Network, LAN and Home wireless.What did I do wrong? From the Security team, I got the comment that it is Industry Best Practice to keep it Blocked. But that disrupts the Network Connectivity. If we need to keep it Allow for machines to work, What are implications? and Why in first place there will be such a setting?

    :)
     
    Nitesh Sinha1, Aug 7, 2024
    #1
  2. YUHAO LI - MSFT
    Yuhao Li - MSFT Win User

    Revert Security Baselines

    Hello, StephanHS

    Welcome to Microsoft Community.

    You're correct, you will have to create another GPO. But unfortunately, there isn’t a comprehensive list of all settings that aren’t reverted automatically by just disabling the GPO. This is because the behavior can vary depending on the specific setting and how it interacts with the system.



    This issue may be beyond the scope of issues that Microsoft Community can address. However, you might also find some insights from community discussions and expert advice on platforms like Microsoft Community Hub. These resources often have threads discussing specific GPO settings and their behaviors: Microsoft Security Baselines - Microsoft Community Hub.

    I will also keep this question open in Microsoft Community, as someone may have additional insights that could be helpful to you.

    Best regards

    Yuhao Li

    Microsoft Community Technical Support
     
    Yuhao Li - MSFT, Aug 7, 2024
    #2
  3. ANA TA
    Ana Ta Win User
    DVR Blocked in Intune - Reasons for security baseline measure?

    Hello,

    A question has been brought up by one of the employees after integration with Intune, "Why is Block DVR: Enabled is a default setting in the Microsoft Security Baseline?". I would like to know the reason why this was a decision taken by Microsoft. I need to understand the reasoning and the security concerns of this feature before changing the baseline default to allow DVR to be used.

    When doing some research I discovered that DVR is considered a vulnerability for CCTV devices and IoT Cameras.

    I have also discovered that there are a couple of vulnerability disclosures about .dvr-ms that affected older versions of Microsoft and didn't have mentions of Xbox Game Bar or Windows 10.

    MS11-015

    MS11-092

    CVE-2011-0042

    CVE-2011-0032

    CVE-2011-3401

    I have not found instances where Xbox Game Bar uses the .dvr-ms files therefore I do not yet see the exploit path through the software.

    Some of our engineers find the recording feature of the Xbox Game Bar to be beneficial when recording tutorials and instructions to be shared with the rest of the users.

    I am not quite sure where to put this under, apologies if this question is in the wrong category.
     
    Ana Ta, Aug 7, 2024
    #3
  4. ANA TA
    Ana Ta Win User

    Implementing Security Baseline through Intune

    Ana Ta, Aug 7, 2024
    #4
Thema:

Implementing Security Baseline through Intune

Loading...

  1. Implementing Security Baseline through Intune - Similar Threads - Implementing Security Baseline

  2. Intune and Security Baseline for Windows 10 and later prevents Reset PC

    in Windows 10 Gaming
    Intune and Security Baseline for Windows 10 and later prevents Reset PC: Hi,I’ve been trying to identify which setting in the Intune Security Baseline for Windows 10 and later version 23H2 might be preventing users from performing a wipe/reset of their PC through Settings > System > Recovery > Reset PC.Any thoughts or suggestions?...

  3. Intune and Security Baseline for Windows 10 and later prevents Reset PC

    in Windows 10 Software and Apps
    Intune and Security Baseline for Windows 10 and later prevents Reset PC: Hi,I’ve been trying to identify which setting in the Intune Security Baseline for Windows 10 and later version 23H2 might be preventing users from performing a wipe/reset of their PC through Settings > System > Recovery > Reset PC.Any thoughts or suggestions?...

  4. Implementing Security Baseline through Intune

    in Windows 10 Software and Apps
    Implementing Security Baseline through Intune: Recently I applied a security base through Intune for my company. The setting was Firewall >> Default Outbound Connection >> Blocked For Domain, Public and Private Profile. As we applied the settings all PCs lost Network Connectivity. They would not connect to Corporate...

  5. Implementing Security Baseline through Intune

    in AntiVirus, Firewalls and System Security
    Implementing Security Baseline through Intune: Recently I applied a security base through Intune for my company. The setting was Firewall >> Default Outbound Connection >> Blocked For Domain, Public and Private Profile. As we applied the settings all PCs lost Network Connectivity. They would not connect to Corporate...

  6. Revert Security Baselines

    in Windows 10 Gaming
    Revert Security Baselines: Hi,I recently applied Microsoft Default Security Baselines for Windows 11 to a test group. As there are currently multiple projects running, leading to multiple problems, we decided to revert the Policies and apply them at a later point.As usual I just disabled the GPOs...

  7. Revert Security Baselines

    in Windows 10 Software and Apps
    Revert Security Baselines: Hi,I recently applied Microsoft Default Security Baselines for Windows 11 to a test group. As there are currently multiple projects running, leading to multiple problems, we decided to revert the Policies and apply them at a later point.As usual I just disabled the GPOs...

  8. DVR Blocked in Intune - Reasons for security baseline measure?

    in Windows 10 Software and Apps
    DVR Blocked in Intune - Reasons for security baseline measure?: Hello,A question has been brought up by one of the employees after integration with Intune, "Why is Block DVR: Enabled is a default setting in the Microsoft Security Baseline?". I would like to know the reason why this was a decision taken by Microsoft. I need to understand...

  9. DVR Blocked in Intune - Reasons for security baseline measure?

    in Windows 10 Gaming
    DVR Blocked in Intune - Reasons for security baseline measure?: Hello,A question has been brought up by one of the employees after integration with Intune, "Why is Block DVR: Enabled is a default setting in the Microsoft Security Baseline?". I would like to know the reason why this was a decision taken by Microsoft. I need to understand...

  10. DVR Blocked in Intune - Reasons for security baseline measure?

    in Windows 10 Customization
    DVR Blocked in Intune - Reasons for security baseline measure?: Hello,A question has been brought up by one of the employees after integration with Intune, "Why is Block DVR: Enabled is a default setting in the Microsoft Security Baseline?". I would like to know the reason why this was a decision taken by Microsoft. I need to understand...