From 6df4a1e5069b092c53d3d5278fcf3122c3b310eb Mon Sep 17 00:00:00 2001 From: Michael Campagnaro Date: Fri, 9 Jun 2023 17:20:39 -0400 Subject: [PATCH] Add a registry key for disabling the Windows platform binary table --- windows/disable-windows-platform-binary-table.reg | 4 ++++ windows/readme.md | 11 ++++++++++- 2 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 windows/disable-windows-platform-binary-table.reg diff --git a/windows/disable-windows-platform-binary-table.reg b/windows/disable-windows-platform-binary-table.reg new file mode 100644 index 0000000..1b234f5 --- /dev/null +++ b/windows/disable-windows-platform-binary-table.reg @@ -0,0 +1,4 @@ +Windows Registry Editor Version 5.00 + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager] +"DisableWpbtExecution"=dword:00000001 diff --git a/windows/readme.md b/windows/readme.md index 0fe7fa7..fcfb21f 100644 --- a/windows/readme.md +++ b/windows/readme.md @@ -1,6 +1,15 @@ # Windows Setup -* Make a system restore point after a fresh install +* Make a system restore point after a fresh install. + +* Disable Windows Platform Binary Table + * This is a system Windows made for hardware vendors to inject firmware to the OS drive, running it at boot time. + It's a huge security hole! Vendors can do things like download software, auto update the mobo firmware, etc. + In 2023, Gigabyte was caught using this to download exe's from their server over an http connection! (keep in mind + that they're corporate systems have been hacked multiple times in the last year). Anyway, this feature is fucking + dumb and you can be sure that all mobo vendors are using this stupid shit. I don't blame them though since Microsoft + built this for them. There's no way to stop this from happening other than to disable the platform entirely. + * Run `disable-windows-platform-binary-table.reg` and reboot. * Change PC name and reboot * Open settings -> System -> About -> Rename this PC
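Review bot: the new `windows/disable-windows-platform-binary-table.reg` has no comment saying what `DisableWpbtExecution` controls or how to undo it, so anyone opening the file on its own has to go to the readme to learn why it writes under `Session Manager`. .reg files accept `;` comment lines; consider adding one after the `Windows Registry Editor Version 5.00` header that names the Windows Platform Binary Table and notes that removing the value reverts the change.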
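Review bot: the "Run `disable-windows-platform-binary-table.reg` and reboot" step added to `windows/readme.md` gives no way to confirm the setting applied and does not mention that a write under `HKEY_LOCAL_MACHINE` needs an elevated import. Add a line telling the reader to check that `DisableWpbtExecution` is `1` under the `Session Manager` key after the reboot. In the explanation above that step, "they're corporate systems" should be "their corporate systems", the Gigabyte claim would carry more weight with a link to a source, and the period added to "Make a system restore point after a fresh install." is inconsistent with the unpunctuated "Change PC name and reboot" bullet below it.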