WDACConfig v0.4.7 and AppControl Manager v1.1.0.0 preliminary update #365
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Applied many best practices in the code
* The AppControl Simulation feature has been fully integrated into the AppControl Manager GUI, with rewritten components and improved arbitration logic. * A new Advanced Code Integrity section has been introduced in the AppControl Manager app, offering detailed insights into system integrity. * The SHA3-512 hashing algorithm is now used for hashing files in the WDACConfig module, enhancing security standards. * The repository's Extras folder has been removed; its PowerShell scripts are now embedded within corresponding Wiki articles, and all C# code previously in that directory has been integrated into the AppControl Manager app. * A new GitHub workflow has been added for enhanced security and transparency, allowing the AppControl Manager to be built directly from the source code and generate verified artifacts publicly on GitHub. This workflow uses cryptographic signatures to ensure that the AppControl Manager MSIX package in the release section is verifiably built from the repository's source code and that workflow will upload the package with verification details to the release. [Find more about the process in here](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds). * Keyboard navigation in the AppControl Manager app has been improved, enhancing the selection experience for UI elements. * The color pickers on the Logs page have been refined, with clearer distinctions between selected colors and their labels. * The main navigation in the AppControl Manager app now dynamically adapts to window width, automatically switching modes for optimal responsiveness. * Windows 11 version 24H2 introduces several new features, including support for the SHA-3 hashing algorithm, enhancements to CiTool.exe that display which policies are signed and which are not, and the ability to remove App Control policies without requiring a reboot. Due to these advancements, both the WDACConfig module and the AppControl Manager app will require Windows 11 24H2 or later. * Updated some internal [log names](https://learn.microsoft.com/en-us/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations#requested-and-validated-signing-level) that were referring to "Windows Defender Application Control" to "App Control for Business" to match the new naming convention. * Improved code optimizations and applied best practices through the GitHub's CodeQL scans and detections.
HotCakeX
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What's New
The AppControl Simulation feature has been fully integrated into the AppControl Manager GUI, with rewritten components and improved arbitration logic.
A new Advanced Code Integrity section has been introduced in the AppControl Manager app, offering detailed insights into system integrity.
The SHA3-512 hashing algorithm is now used for hashing files in the WDACConfig module, enhancing security standards.
The repository's Extras folder has been removed; its PowerShell scripts are now embedded within corresponding Wiki articles, and all C# code previously in that directory has been integrated into the AppControl Manager app.
A new GitHub workflow has been added for enhanced security and transparency, allowing the AppControl Manager to be built directly from the source code and generate verified artifacts publicly on GitHub. This workflow uses cryptographic signatures to ensure that the AppControl Manager MSIX package in the release section is verifiably built from the repository's source code and that workflow will upload the package with verification details to the release. Find more about the process in here.
Keyboard navigation in the AppControl Manager app has been improved, enhancing the selection experience for UI elements.
The color pickers on the Logs page have been refined, with clearer distinctions between selected colors and their labels.
The main navigation in the AppControl Manager app now dynamically adapts to window width, automatically switching modes for optimal responsiveness.
Windows 11 version 24H2 introduces several new features, including support for the SHA-3 hashing algorithm, enhancements to CiTool.exe that display which policies are signed and which are not, and the ability to remove App Control policies without requiring a reboot. Due to these advancements, both the WDACConfig module and the AppControl Manager app will require Windows 11 24H2 or later.
Updated some internal log names that were referring to "Windows Defender Application Control" to "App Control for Business" to match the new naming convention.
Improved code optimizations and applied best practices through the GitHub's CodeQL scans and detections.
Closes #68
Closes #283
The GitHub release, version update and WDACConfig module upload to the PowerShell gallery will all be done soon after finalizing the artifact attestation and SBOM (software bill of materials).