From 65811c87bac3bc5ddcfde4900a6154d8502ce641 Mon Sep 17 00:00:00 2001
From: Itiligent <94789708+itiligent@users.noreply.github.com>
Date: Fri, 26 Jul 2024 13:31:41 +1000
Subject: [PATCH 1/2] OEM registry change to prevent auto admin logon

Auto Admin logon is the default setting from the Dockur image. This is a large security vulnerability likely added for convenience. Blocking this default config does not seem to impact any of the Windows container setup.
---
 oem/RDPApps.reg | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/oem/RDPApps.reg b/oem/RDPApps.reg
index f545465..0be95c9 100644
--- a/oem/RDPApps.reg
+++ b/oem/RDPApps.reg
@@ -5,3 +5,6 @@ Windows Registry Editor Version 5.00
 
     [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services]
     "fAllowUnlistedRemotePrograms"=dword:00000001
+	
+	[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
+    "AutoAdminLogon"="0"
\ No newline at end of file

From 69aa204d39ff0ea1855a58214180befc71d380d4 Mon Sep 17 00:00:00 2001
From: "pre-commit-ci[bot]"
 <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Date: Fri, 26 Jul 2024 04:00:58 +0000
Subject: [PATCH 2/2] [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci
---
 oem/RDPApps.reg | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/oem/RDPApps.reg b/oem/RDPApps.reg
index 0be95c9..acb5aac 100644
--- a/oem/RDPApps.reg
+++ b/oem/RDPApps.reg
@@ -5,6 +5,6 @@ Windows Registry Editor Version 5.00
 
     [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services]
     "fAllowUnlistedRemotePrograms"=dword:00000001
-	
-	[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
-    "AutoAdminLogon"="0"
\ No newline at end of file
+
+    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
+    "AutoAdminLogon"="0"