windows powershell execution policy default values and what happens to security of the OS when their changed



ok so I was looking at the windows powershell execution policy after finally updating my bios to the latest patch for Spectre/Meltown and confirming that my system was fully patched from Meltdown/Spectre hardware based vulnerabilities using the speculative execution script,after setting it back using the Set-Executionpolicy Default and pressing A to set everything to default,i used the get-executionpolicy -list command and noticed aside from localmachine and CurrentUser are set to Restricted, that these three are set to Undefined(not sure if this is the default values for these three or not):

1. MachinePolicy

2. UserPolicy

3. Process what would happen with my operating system(or is execution policy only limited to command prompt and powershell and only involves scripts running in the command line and not The entire operating system and its system files,permissions,etc) if I set these three policies according to the options Restricted,RemoteSigned,and AllSigned.

(I also ended scouring the internet on how to undo the developer option that set it to allow local powershell scripts to run without signing and only require remote signing for remote in powershell as I was messing with developer options and noticed this option and applied it without thinking not realizing that you cant turn this option off in developer options after you set it and have to use an admin powershell session with the correct command,this is actually how I noticed the list command and discovered these policies and values)

Continue reading...
Top Bottom