Merge pull request #328 from HotCakeX/Harden-Windows-Security-v0.5.6

Harden Windows Security v0.5.6
HotCakeX · Aug 25, 2024 · 77b869a · 77b869a
2 parents 857a460 + 1ffadca
commit 77b869a
Show file tree

Hide file tree

Showing 9 changed files with 31 additions and 11 deletions.
diff --git a/Harden-Windows-Security Module/Main files/C#/GUI/Confirm/View.cs b/Harden-Windows-Security Module/Main files/C#/GUI/Confirm/View.cs
@@ -204,7 +204,10 @@ private void UpdateTotalCount()
                     }
 
                     // Display a notification
-                    HardenWindowsSecurity.NewToastNotification.Show(ToastNotificationType.EndOfConfirmation, CompliantItemsCount, NonCompliantItemsCount);
+                    if (HardenWindowsSecurity.GlobalVars.UseNewNotificationsExp == true)
+                    {
+                        HardenWindowsSecurity.NewToastNotification.Show(ToastNotificationType.EndOfConfirmation, CompliantItemsCount, NonCompliantItemsCount);
+                    }
                 }
             }
 

diff --git a/Harden-Windows-Security Module/Main files/C#/GUI/Protection/AddEventHandlers.cs b/Harden-Windows-Security Module/Main files/C#/GUI/Protection/AddEventHandlers.cs
@@ -669,7 +669,10 @@ await Task.Run(() =>
                             }
                         }
 
-                        HardenWindowsSecurity.NewToastNotification.Show(ToastNotificationType.EndOfProtection, null, null);
+                        if (HardenWindowsSecurity.GlobalVars.UseNewNotificationsExp == true)
+                        {
+                            HardenWindowsSecurity.NewToastNotification.Show(ToastNotificationType.EndOfProtection, null, null);
+                        }
                     }
                     else
                     {

diff --git a/Harden-Windows-Security Module/Main files/C#/GlobalVars.cs b/Harden-Windows-Security Module/Main files/C#/GlobalVars.cs
@@ -64,6 +64,11 @@ public static class GlobalVars
         // The path to the LGPO.exe utility
         public static string? LGPOExe;
 
+        // A flag to determine whether the new notifications experience should be used or not
+        // It won't be used if there is an interferences detected with DLL load due to other addons being loaded in the PowerShell session
+        // Such as PowerToys' CommandNotFound or Winget's PowerShell module
+        public static bool UseNewNotificationsExp = true;
+
         // To store the registry data CSV parse output - Registry.csv
         public static List<HardenWindowsSecurity.HardeningRegistryKeys.CsvRecord>? RegistryCSVItems;
 

diff --git a/Harden-Windows-Security Module/Main files/C#/NewToastNotification.cs b/Harden-Windows-Security Module/Main files/C#/NewToastNotification.cs
@@ -18,11 +18,13 @@ public enum ToastNotificationType
 
         /// <summary>
         /// Displays modern toast notification on Windows
+        /// The caller must check for HardenWindowsSecurity.GlobalVars.UseNewNotificationsExp and if it's true then use this method
+        /// So that it will only display the notifications if the required DLLs have been loaded in the PowerShell session via Add-Type
+        /// That is different than the DLLs being made available to the Add-Type during C# code compilation
         /// </summary>
         /// <param name="Type">The type of the toast notification to use</param>
         public static void Show(ToastNotificationType Type, string? TotalCompliantValues, string? TotalNonCompliantValues)
         {
-
             // Detect the notification type so we can create the proper notification to be displayed
             switch (Type)
             {

diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/OptionalWindowsFeatures.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/OptionalWindowsFeatures.cs
@@ -47,6 +47,7 @@ private static void RemoveCapability(string CapabilityIdentity, string Capabilit
 
                 // PowerShell script to run to remove the Windows Capability
                 string PSScript = $@"
+Import-Module -Name 'DISM' -UseWindowsPowerShell -Force -WarningAction SilentlyContinue
 $null = Get-WindowsCapability -Online |
 Where-Object -FilterScript {{ $_.Name -eq '{CapabilityIdentity}' }} |
 Remove-WindowsCapability -Online

diff --git a/Harden-Windows-Security Module/Main files/C#/WindowsFeatureChecker.cs b/Harden-Windows-Security Module/Main files/C#/WindowsFeatureChecker.cs
@@ -92,6 +92,7 @@ public static string GetCapabilityState(string capabilityName)
         {
             // Define the PowerShell script template with placeholder
             string scriptTemplate = """
+Import-Module -Name 'DISM' -UseWindowsPowerShell -Force -WarningAction SilentlyContinue
 $CompatibilityName = '{CompatibilityName}'
 return ((Get-WindowsCapability -Online | Where-Object -FilterScript { $_.Name -like "*$CompatibilityName*" }).State)
 """;

diff --git a/Harden-Windows-Security Module/Main files/Harden-Windows-Security-Module.psd1 b/Harden-Windows-Security Module/Main files/Harden-Windows-Security-Module.psd1
@@ -2,7 +2,7 @@
   # https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_module_manifests
 
   RootModule           = 'Harden-Windows-Security-Module.psm1'
-  ModuleVersion        = '0.5.5'
+  ModuleVersion        = '0.5.6'
   CompatiblePSEditions = @('Core')
   GUID                 = 'afae7a0a-5eff-4a4d-9139-e1702b7ac426'
   Author               = 'HotCakeX'

diff --git a/Harden-Windows-Security Module/Main files/Harden-Windows-Security-Module.psm1 b/Harden-Windows-Security Module/Main files/Harden-Windows-Security-Module.psm1
@@ -18,16 +18,21 @@ $ToastNotificationDLLs.Add([System.IO.Path]::Combine($PSScriptRoot, 'DLLs', 'Toa
 $ToastNotificationDLLs.Add([System.IO.Path]::Combine($PSScriptRoot, 'DLLs', 'Toast Notifications', 'System.Drawing.Common.dll'))
 $ToastNotificationDLLs.Add([System.IO.Path]::Combine($PSScriptRoot, 'DLLs', 'Toast Notifications', 'WinRT.Runtime.dll'))
 
-# when we use the -ReferencedAssemblies parameter of Add-Type, The DLLs are only added and made available to the C# compilation, not the PowerShell host itself
-# In order to display the toast notifications, they needed to be added to the PowerShell itself as well
-foreach ($DLLPath in $ToastNotificationDLLs) {
-    Add-Type -Path $DLLPath
-}
-
 # Load all of the C# codes
 # for some reason it tries to use another version of the dll unless i define its path explicitly like this
 Add-Type -Path ([System.IO.Directory]::GetFiles("$PSScriptRoot\C#", '*.*', [System.IO.SearchOption]::AllDirectories)) -ReferencedAssemblies @((Get-Content -Path "$PSScriptRoot\.NETAssembliesToLoad.txt") + "$($PSHOME)\WindowsBase.dll" + $ToastNotificationDLLs) -CompilerOptions '/nowarn:1701'
 
+try {
+    # when we use the -ReferencedAssemblies parameter of Add-Type, The DLLs are only added and made available to the C# compilation, not the PowerShell host itself
+    # In order to display the toast notifications, they needed to be added to the PowerShell itself as well
+    foreach ($DLLPath in $ToastNotificationDLLs) {
+        Add-Type -Path $DLLPath
+    }
+}
+catch {
+    [HardenWindowsSecurity.GlobalVars]::UseNewNotificationsExp = $false
+}
+
 [HardenWindowsSecurity.GlobalVars]::Host = $HOST
 [HardenWindowsSecurity.GlobalVars]::PSHOME = $PSHOME
 [HardenWindowsSecurity.GlobalVars]::path = $PSScriptRoot

diff --git a/Harden-Windows-Security Module/version.txt b/Harden-Windows-Security Module/version.txt
@@ -1 +1 @@
-0.5.4
+0.5.6