Intune Proactive Remediation for “Microsoft Windows Unquoted Service Path” / CVE-2013-1609, CVE-2014-0759, CVE-2014-5455

Microsoft Defender has security recommendations for the "Fix unquoted service path for Windows services.” (CVE-2013-1609, CVE-2014-0759, CVE-2014-5455) These might be reported for things like Dell services, and you can fix them manually by editing the Registry on the affected device. But... There is an easier way 🙂 This blog post will show you how to create a Proactive Remediation in Intune for it.

Recreate Desktop and Start Menu shortcuts #ASRmageddon

It's just a beautiful Friday 13th, due to a Windows Defender update that removed shortcuts from many machines with Attack Surface Reduction enabled for Macros. (Work-around "Setdefender ASR rule 92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b to audit only unit issue is resolved.") This blog post describes how you can recreate the missing shortcuts and deploy this using Intune or run it manually on the affected system(s).