From 141d3c72a64aabcd102c2657ae3de5e8eba763cb Mon Sep 17 00:00:00 2001
From: Florian Stosse <Harvester57@users.noreply.github.com>
Date: Thu, 7 Oct 2021 14:54:14 +0200
Subject: [PATCH] Sync with internal repo

---
 AdditionalHardening.admx       | 4 ++--
 en-US/AdditionalHardening.adml | 6 ++++--
 fr-FR/AdditionalHardening.adml | 6 ++++--
 3 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/AdditionalHardening.admx b/AdditionalHardening.admx
index aab8282..119a962 100644
--- a/AdditionalHardening.admx
+++ b/AdditionalHardening.admx
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--  
   Author: Florian Stosse <florian.stosse@safrangroup.com>
-  Version: 1.0.12
-  Date: 27/09/2021
+  Version: 1.0.13
+  Date: 07/10/2021
   -->
 <policyDefinitions xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
diff --git a/en-US/AdditionalHardening.adml b/en-US/AdditionalHardening.adml
index acdd62b..9b3a11a 100644
--- a/en-US/AdditionalHardening.adml
+++ b/en-US/AdditionalHardening.adml
@@ -171,10 +171,12 @@ Changing this setting will require a restart of the computer before the setting
 Changing this setting will require a restart of the computer before the setting will take effect.
       </string>
       <!-- TLSv1.3 -->
-      <string id="TLSv13">TLS 1.3 - DO NOT ENABLE]</string>
+      <string id="TLSv13">TLS 1.3 - [WARNING: READ DESCRIPTION]</string>
       <string id="TLSv13_Help">Enables or disables the use of TLS 1.3.  TLS 1.3 is without known security issues.
 
-This setting is only compatible on Windows 10 1903 and above and does not require a reboot to take effect.
+!! WARNING: This setting is only compatible with Windows 10 1903 and above. Enabling this setting on older OS versions will break SChannel, and you will need to manually remove the SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3 key in the Registry to fix it.
+
+This setting does not require a reboot to take effect.
       </string>
       <!-- DTLSv1.0 -->
       <string id="DTLSv10">DTLS 1.0</string>
diff --git a/fr-FR/AdditionalHardening.adml b/fr-FR/AdditionalHardening.adml
index 2ed3a0e..55088ad 100644
--- a/fr-FR/AdditionalHardening.adml
+++ b/fr-FR/AdditionalHardening.adml
@@ -174,10 +174,12 @@ Changing this setting will require a restart of the computer before the setting
 Changing this setting will require a restart of the computer before the setting will take effect.
       </string>
       <!-- TLSv1.3 -->
-      <string id="TLSv13">TLS 1.3 [EXPERIMENTAL - DO NOT ENABLE]</string>
+      <string id="TLSv13">TLS 1.3 [WARNING: READ DESCRIPTION]</string>
       <string id="TLSv13_Help">Enables or disables the use of TLS 1.3.  TLS 1.3 is without known security issues.
 
-This setting is only compatible on Windows 10 1903 and above and does not require a reboot to take effect.
+!! WARNING: This setting is only compatible with Windows 10 1903 and above. Enabling this setting on older OS versions will break SChannel, and you will need to manually remove the SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3 key in the Registry to fix it.
+
+This setting does not require a reboot to take effect.
       </string>
       <!-- DTLSv1.0 -->
       <string id="DTLSv10">DTLS 1.0</string>