Patch v2 for CVE-2023-36884

# Define the parameters for the script
[CmdletBinding()]
param (
    [Parameter()]
    [String]$OfficeProducts = "All", # Office products to be targeted for remediation
    [Parameter()]
    [Switch]$Undo                     # Switch to indicate whether to undo the changes
)

function Test-IsElevated {
    $id = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $p = New-Object System.Security.Principal.WindowsPrincipal($id)
    $p.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Set-RegKey {
    param (
        $Path,
        $Name,
        $Value,
        [ValidateSet("DWord", "QWord", "String", "ExpandedString", "Binary", "MultiString", "Unknown")]
        $PropertyType = "DWord"
    )
    if (-not $(Test-Path -Path $Path)) {
        New-Item -Path $Path -Force -ErrorAction Stop | Out-Null
    }
    $CurrentValue = (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
    Set-ItemProperty -Path $Path -Name $Name -Value $Value -Force -Confirm:$false -ErrorAction Stop | Out-Null
    Write-Host "$Path\$Name changed from $CurrentValue to $Value"
}

function Remove-RegKey {
    param (
        $Path,
        $Name
    )
    Remove-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue | Out-Null
    if (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue) {
        Write-Error "ERROR: Unable to undo registry key $Name!"
        exit 1
    }
    else {
        Write-Host "Successfully removed registry key $Name!"
    }
}

function Perform-Remediation {
    param (
        [HashTable]$RemediationTargets,
        [Switch]$Undo
    )
    $Path = "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION"
    $RemediationTargets.GetEnumerator() | ForEach-Object {
        Write-Host "$($_.Name) was selected for remediation."
        if (-not $Undo) {
            Set-RegKey -Path $Path -Name $_.Value -Value 1
            Write-Host "Success!"
        }
        else {
            Remove-RegKey -Path $Path -Name $_.Value
        }
    }
    Write-Warning "A reboot may be required."
}

begin {
    if (-not (Test-IsElevated)) {
        Write-Error "Please run the script with administrator privileges."
        exit 1
    }

    $RemediationValues = @{
        "Word" = "WINWORD.EXE";
        "Excel" = "EXCEL.EXE";
        "PowerPoint" = "POWERPNT.EXE";
        "All" = @("WINWORD.EXE", "EXCEL.EXE", "POWERPNT.EXE") # "All" includes all products
    }

    $RemediationTargets = @{}
    if ($OfficeProducts -ne "All") {
        $OfficeProducts = $OfficeProducts.split(',') | ForEach-Object { $_.Trim() }
        $OfficeProducts | ForEach-Object {
            if ($RemediationValues.ContainsKey($_)) {
                $RemediationTargets.Add($_, $RemediationValues[$_])
            }
            else {
                Write-Error "ERROR: Invalid product $_. Please provide valid products."
                exit 1
            }
        }
    }
    else {
        $RemediationValues["All"] | ForEach-Object { $RemediationTargets.Add($_, $_) }
    }

    if ($RemediationTargets.Count -gt 0) {
        Perform-Remediation -RemediationTargets $RemediationTargets -Undo:$Undo
        exit 0
    }
    else {
        Write-Warning "No products were selected! The valid values for -OfficeProducts are listed below. You can also use a comma-separated list or simply put 'All'."
        $RemediationValues.Keys | Sort-Object | Format-Table | Out-String | Write-Host
        Write-Error "ERROR: Nothing to do!"
        exit 1
    }
}