diff --git a/Core/Framework.ps1 b/Core/Framework.ps1 index b80c532..842b202 100644 --- a/Core/Framework.ps1 +++ b/Core/Framework.ps1 @@ -522,7 +522,7 @@ function Invoke-Hardening { Write-Host "Secure DNS with DNS-over-HTTPS" -ForegroundColor White Write-Host "" Write-Host " > Configures encrypted DNS:" -ForegroundColor Gray - Write-Host " - Choose provider: Cloudflare, Quad9, or AdGuard" -ForegroundColor Gray + Write-Host " - Choose provider: Quad9 (default), Cloudflare, or AdGuard" -ForegroundColor Gray Write-Host " - Enable DoH encryption (HTTPS)" -ForegroundColor Gray Write-Host " - Blocks DNS hijacking and snooping" -ForegroundColor Gray Write-Host " - IPv4 + IPv6 configuration" -ForegroundColor Gray @@ -534,8 +534,8 @@ function Invoke-Hardening { Write-Host "" Write-Host " > Applies privacy settings based on selected mode:" -ForegroundColor Gray Write-Host " - Telemetry control (3 modes: MSRecommended/Strict/Paranoid)" -ForegroundColor Gray - Write-Host " - MSRecommended: 37 settings (default, max compatibility)" -ForegroundColor DarkGray - Write-Host " - Strict/Paranoid: 37-40 settings + services disabled" -ForegroundColor DarkGray + Write-Host " - MSRecommended: 59 settings (default, max compatibility)" -ForegroundColor DarkGray + Write-Host " - Strict: 77 settings, Paranoid: 85 settings" -ForegroundColor DarkGray Write-Host " - Disable ads, tips, personalization" -ForegroundColor Gray Write-Host " - Remove bloatware (up to 24 apps, if present)" -ForegroundColor Gray Write-Host " - OneDrive hardening (keeps sync functional)" -ForegroundColor Gray @@ -545,7 +545,7 @@ function Invoke-Hardening { "AntiAI" { Write-Host "Disable Windows 11 AI Features" -ForegroundColor White Write-Host "" - Write-Host " > Disables 13 features via 32 policies:" -ForegroundColor Gray + Write-Host " > Disables 15 features via 32 policies:" -ForegroundColor Gray Write-Host " - Windows Recall + Export Block" -ForegroundColor Gray Write-Host " - Windows Copilot (app + URI handlers + Edge sidebar)" -ForegroundColor Gray Write-Host " - Click to Do, Explorer AI Actions" -ForegroundColor Gray @@ -741,7 +741,7 @@ function Invoke-Hardening { } # AntiAI module applies maximum AI deactivation (no modes) - Write-Log -Level INFO -Message "Disabling all Windows 11 AI features (13 features, 32 policies)" -Module "Framework" + Write-Log -Level INFO -Message "Disabling all Windows 11 AI features (15 features, 32 policies)" -Module "Framework" $moduleResult = Invoke-AntiAI -DryRun:$DryRun } diff --git a/Core/Rollback.ps1 b/Core/Rollback.ps1 index 6241b4a..db6979d 100644 --- a/Core/Rollback.ps1 +++ b/Core/Rollback.ps1 @@ -120,7 +120,7 @@ function Update-SessionDisplayName { "ASR" = 19 # 19 ASR Rules "DNS" = 5 # 5 DNS Settings "Privacy" = 77 # 53 Registry (MSRecommended) + 24 Bloatware - "AntiAI" = 32 # 32 Registry Policies (13 features incl. Copilot 4-Layer) + "AntiAI" = 32 # 32 Registry Policies (15 features) "EdgeHardening" = 24 # 24 Edge Policies (22-23 applied depending on extensions) "AdvancedSecurity" = 50 # 50 Advanced Settings (15 features incl. Discovery Protocols + IPv6) } diff --git a/Modules/AntiAI/Config/AntiAI-Settings.json b/Modules/AntiAI/Config/AntiAI-Settings.json index 91844a7..bf4e415 100644 --- a/Modules/AntiAI/Config/AntiAI-Settings.json +++ b/Modules/AntiAI/Config/AntiAI-Settings.json @@ -403,7 +403,7 @@ }, "Summary": { - "TotalAIFeaturesDisabled": "13 features (10 dedicated + 3 advanced blocks + unlimited via master switch)", + "TotalAIFeaturesDisabled": "15 features", "TotalPoliciesApplied": 32, "RegistryKeysModified": 32, "URIHandlersBlocked": 2, diff --git a/Tools/Verify-Complete-Hardening.ps1 b/Tools/Verify-Complete-Hardening.ps1 index b8d8424..d075ab8 100644 --- a/Tools/Verify-Complete-Hardening.ps1 +++ b/Tools/Verify-Complete-Hardening.ps1 @@ -21,7 +21,7 @@ ASR: 19 DNS: 5 Privacy: 81 (57 registry Paranoid + 24 bloatware) - AntiAI: 32 compliance checks (13 features) + AntiAI: 32 compliance checks (15 features) EdgeHardening: 24 (22-23 applied depending on extensions) AdvancedSecurity: 50 (15 features incl. Discovery Protocols + IPv6) @@ -49,7 +49,7 @@ $EXPECTED_EDGE_COUNT = 24 # 24 total Edge policies from EdgePolicies.json $EXPECTED_ADVANCED_COUNT = 50 # 50 total AdvancedSecurity policy checks (incl. Discovery Protocols WSD/mDNS + IPv6) $EXPECTED_DNS_COUNT = 5 $EXPECTED_PRIVACY_COUNT = 77 # 53 registry from Privacy-MSRecommended.json + 24 bloatware apps -$EXPECTED_ANTIAI_COUNT = 32 # 32 AntiAI registry policy checks (13 features incl. Copilot 4-Layer Defense) +$EXPECTED_ANTIAI_COUNT = 32 # 32 AntiAI registry policy checks (15 features) Write-Host "" Write-Host "========================================" -ForegroundColor Cyan diff --git a/config.json b/config.json index 0c94356..ee8c707 100644 --- a/config.json +++ b/config.json @@ -45,12 +45,12 @@ "enabled": true, "priority": 6, "status": "IMPLEMENTED", - "description": "Microsoft Edge v139 Security Baseline: 20 security policies", + "description": "Microsoft Edge v139 Security Baseline: 24 security policies", "_comment": "Interactive: Allow extensions (Y/N, default: Y)", "allowExtensions": true, "version": "2.2.0", "baseline": "Edge v139", - "policies": 20, + "policies": 24, "features": { "smartscreen_enforcement": true, "site_isolation": true,