Prevent installation of devices that match any of these device IDsID: oval:org.secpod.oval:def:95663 | Date: (C)2023-12-08 (M)2023-12-08 |
Class: COMPLIANCE | Family: windows |
This policy setting allows you to specify a list of Plug and Play hardware IDs and
compatible IDs for devices that Windows is prevented from installing. This policy setting
takes precedence over any other policy setting that allows Windows to install a device.
If you enable this policy setting, Windows is prevented from installing a device whose
hardware ID or compatible ID appears in the list you create. If you enable this policy setting
on a remote desktop server, the policy setting affects redirection of the specified devices
from a remote desktop client to the remote desktop server.
If you disable or do not configure this policy setting, devices can be installed and updated
as allowed or prevented by other policy settings.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\System Services!DenyDeviceIDsRetroactive
(2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions!DenyDeviceIDsRetroactive
Platform: |
Microsoft Windows 10 |