Which changes are directly based on Microsoft recommendations and which aren't?

[pingu-the-penguin]

Hello,

I hope that this does not come off as rude or attacking the project, but I was wondering which changes that are applied by the Harden Windows Security app are based on official Microsoft documentation and which are based on your personal recommendations or understandings. I ask because of #842 which seems to me like an addition that was based on an idealogical stance rather than explicit documentation from Microsoft that recommended enabling Manifest V2 Availability. Unfortunately, such a change also resulted in decreased security for Microsoft Edge users who used this tool as discussed in the previous issue. I was wondering if it is easy to tell which changes are explicitly recommended by Microsoft and which aren't.

Again not meaning to attack the project or spread doubts about the security of the project as there was a lot of misinformation online about Manifest V3's adoption but I would like to be proactive and avoid such issues.

Thanks for your hard work on this project.

[HotCakeX]

Hi,
These 2 are the categories explicitly recommended by Microsoft:

1. https://github.com/HotCakeX/Harden-Windows-Security/wiki/Microsoft-Security-Baselines
2. https://github.com/HotCakeX/Harden-Windows-Security/wiki/Microsoft-365-Apps-Security-Baseline

For everything else, i've properly documented every change in both the GitHub wiki that has CSP links to Microsoft docs, and in the app via the animated clickable button when you hover over and view up to date online info, they are exactly for such situations to provide answers to users.

If there is a problem or mistake, you can open issues so i can fix them as i always do. I obviously do my best to not make any mistakes.

Thank you, Merry Christmas!