Version bump across 62 files (2.2.3 → 2.2.4).
CHANGELOG.md: New [2.2.4] section with EDR/XDR detection and version tooling.
README.md: Updated release highlights, AV detection example output synced with code.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Single source of truth for version numbers. Bump-Version.ps1 replaces
the old version across all 61 files (113 occurrences) automatically.
CHANGELOG.md is excluded to preserve historical entries.
Usage:
.\Tools\Bump-Version.ps1 -NewVersion "2.2.4" -DryRun # preview
.\Tools\Bump-Version.ps1 -NewVersion "2.2.4" # apply
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
CrowdStrike Falcon and other EDR/XDR products don't register in WMI
SecurityCenter2, but put Defender in Passive Mode. This caused ASR
rules to either silently fail or throw errors.
New 3-layer detection:
- Layer 1: WMI SecurityCenter2 (traditional AV: Bitdefender, Kaspersky, etc.)
- Layer 2: Defender Passive Mode via Get-MpComputerStatus (EDR/XDR)
- Layer 3: 18 known EDR service names for display identification
Changes:
- Utils/Dependencies.ps1: New Test-ThirdPartySecurityProduct function,
updated Test-WindowsDefenderAvailable with IsPassiveMode property,
updated Test-AllDependencies to handle passive mode gracefully
- Modules/ASR/Public/Invoke-ASRRules.ps1: Detection runs before
Defender service check, inline fallback for standalone execution
- Tools/Verify-Complete-Hardening.ps1: Same 3-layer detection, ASR
counted as 19/19 verified when third-party product detected
Closes#15
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Privacy Module:
- Fixed 'Applied X settings' to show only registry settings (60/78/86)
- Bloatware count no longer added to settings total
- Consistent with module prompt (MSRecommended: 60, Strict: 78, Paranoid: 86)
DNS Module:
- Fixed DoH connectivity test for systems with REQUIRE mode active
- Tests HTTPS endpoint (port 443) when classic DNS is blocked
- Proper detection of existing DoH configuration
Verified: Full Apply/Verify/Restore cycle - 633/633 settings (100%)
