https://worldofeuc.com logo
Join Slack
Powered by
This message was deleted.
# _general
s
This message was deleted.
r
I have it on w11 that I seen myself. Is that on w10 you see now?
j
No some maniac upgraded my laptop to Win11, so not seen it on 10
Just another thing to turn off for security - I often dump password files into Notepad and deliberately don't save them....now they're being cached somewhere 😞
r
Here maybe C:\Users\davis\AppData\Local\Packages\Microsoft.WindowsNotepad_8wekyb3d8bbwe\LocalState\TabState
👍 1
l
%LocalAppData%\Packages\Microsoft.WindowsNotepad_8wekyb3d8bbwe\LocalState\TabState Saves them in .bin files
👍 2
Just procmon'ed it lol
j
Wow never realized it had gone UWP. Doesn't feel like a UWP app
r
why is everything going to packages now 😞
n
We have to generate admin passwords every 8-10 hours, so I save them via PS to an encrypted file, and use that file when running stuff elevated so that I don't have to manually enter creds.
Or you could just use KeePass...
r
It has me thinking more of for CPM profiles now
Well, I guess that new UWP feature could be handy here.
l
Yep, those .bin files are unicode textfiles so nothing massively special. Don't leave anything in notepad. I know you shouldn't save passwords in textfile but its easy to just dump stuff in notepad and there is no save prompt with this behaviour
n
UWP... handy...
r
Actually, now that I think about it. I don't think it vetted for w11 yet.
n
does not compute
j
I'm going to turn it off via a policy or Registry push if possible. Some idiot will leave a text file full of sensitive shit lying around and a red team will grab it
l
I do actually like the user experience of not being prompted not to save though......
r
Yea, it's getting closer to notepad++
j
Notepad++ will NEVER be bettered by Notepad
👍 2
That new UWP feature for UPM is weird. It simply caches shared stuff
l
Exclude that folder from your profiles, I'm not sure how well it'll behave if you restrict permissions or something
r
If I was a betting man, I would say it would break notepad haha
l
Probably.
Alright, I'm down for some 5 minute fuckery. Lets see.
🤣 1
j
I'm at home so can't join in 😞
n
I was going to crack a joke, but seeing as how I am literally working on a W11 VDA project right now, I guess I'm now interested in this.
l
😂
😂 1
Removing permissions on that folder forces legacy behaviour.
j
Gonna whack that straight in the master image then
n
What about removing that folder from CPM sync?
I wonder if it throws an error upon launch.
l
Might not be that simple, UWP apps will be updated and I think when that happens your permissions will be trashed.
Will test that too
r
I know if you exclude the new Teams it breaks the shite out of it. In my testing. Which is store int he same location in packages
l
Yup, when it installs a new AppXPackage it overwrites all the permissions.
With the UWP feature in CPM I'm not sure how it'll behave with exclusions in these folders
The fun of EUC
j
The UWP feature puts "shared" packages into separate containers
l
Okay, I guess that makes sense. In which case an exclusion may solve the problem.
j
Stuff that is user-specific still gets grabbed on an individual basis
Still needs some kinks ironing out, that feature, and some better documentation
Who'd have thought managing Notepad could be such fun?
l
Funny the things we end up digging into.
n
I take it there's no policy setting to control that behavior?
😂 1
l
Not that I know of, I don't think that'll even be an option.
n
Is there an option in Notepad to auto-save that you can uncheck?
l
Nope, no additional settings, no settings menu.
n
lol, Microsoft you fucks
😂 2
b
Notepad had a good run, MS couldnt help themselves they had to mess with it.
n
Notepad has always been trash. Notepad2 4 lyfe
m
Notepad is brilliant because it's exactly a piece of paper. Nothing more nothing less. And of course, eventually Microsoft had to crap in that too...
j
I think there's a menu option to turn it off somewhere
Click on the gear icon to see it
n
Does that setting actually prevent the notes from being saved?
j
That's a question only a test can answer 😉
n
I'll have to spin up a W11 VM at some point then. Unlike some people, I retained my dignity by leaving my PC on W10... 😄
j
Am now home so ran a test - with that setting turned off, the .bin file gets created but it gets removed when Notepad closes and you don't save the file
👍🏻 1
n
That may be enough for our security team since you cannot prevent users from using an open Notepad for passwords.
j
However, if Notepad crashes or terminates unexpectedly, the .bin file with the contents is saved and is returned at next Notepad startup
n
It also means that you can probably control this by configuring the settings you want, and then taking the resulting Settings.dat file from that app's path, and deploying it to everyone's profile. Perhaps even removing their ability to modify the file.
haha, I take it back then.
j
Yeah next thing to test would be seeing where that setting gets stored (you're probably right) and deploying it somehow. But I've already done an hour's work today and that's more than enough. Will have a look tomorrow
l
Nice work MS, abstract the settings from the actual app interface and have then in a different dialog 👍🏻
v
@James Rankin Looks like this on my Win 11 23h2. build 22631.2428 is yours newer or older?
2 Views
Open in Slack
PreviousNext
Powered by