Disable Windows Memory Dumps

 

By disabling Memory Dumps its no longer possible to recover the dump file and extract secure data that is held in memory in the clear.

​

<#
.Synopsis
Disables Windows Memory Dumps

​

.Description

​

Disabled Memory Dump to prevent extracting cleat text passwords using WinDbg 

​

0 = None
1 = Complete Memory Dump
2 = Kernel Memory Dump
3 = Small Memory Dump
7 = Automatic Memory Dump (Default)

​

.Version

#>

Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl' -name CrashDumpEnabled -Value 0 -Force

​

​

​