Disable Windows Memory Dumps

By disabling Memory Dumps it's no longer possible to recover the dump file and extract secure data that is held in memory in the clear.

​

<# .Synopsis Disables Windows Memory Dumps

​

.Description

​

Disabled Memory Dump to prevent extracting cleat text passwords using WinDbg

​

0 = None 1 = Complete Memory Dump 2 = Kernel Memory Dump 3 = Small Memory Dump 7 = Automatic Memory Dump (Default)

​

.Version

#>

Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl' -name CrashDumpEnabled -Value 0 -Force

​