By disabling Memory Dumps it's no longer possible to recover the dump file and extract secure data that is held in memory in the clear.
<# .Synopsis Disables Windows Memory Dumps
.Description
Disabled Memory Dump to prevent extracting cleat text passwords using WinDbg
0 = None 1 = Complete Memory Dump 2 = Kernel Memory Dump 3 = Small Memory Dump 7 = Automatic Memory Dump (Default)
.Version
#>
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl' -name CrashDumpEnabled -Value 0 -Force
Comments