diff --git a/etc/modprobe.d/30_security-misc.conf b/etc/modprobe.d/30_security-misc.conf
index 48d5b25..0b3a84a 100644
--- a/etc/modprobe.d/30_security-misc.conf
+++ b/etc/modprobe.d/30_security-misc.conf
@@ -57,6 +57,7 @@ install can /bin/disabled-network-by-security-misc
 install atm /bin/disabled-network-by-security-misc
 
 ## Disable uncommon file systems to reduce attack surface
+## HFS and HFS+ are legacy Apple filesystems that may be required depending on the EFI parition format
 install cramfs /bin/disabled-filesys-by-security-misc
 install freevxfs /bin/disabled-filesys-by-security-misc
 install jffs2 /bin/disabled-filesys-by-security-misc
@@ -109,19 +110,19 @@ blacklist amd76x_edac
 ## https://git.launchpad.net/ubuntu/+source/kmod/tree/debian/modprobe.d/blacklist-framebuffer.conf?h=ubuntu/disco
 blacklist aty128fb
 blacklist atyfb
-#blacklist radeonfb
+blacklist radeonfb
 blacklist cirrusfb
 blacklist cyber2000fb
 blacklist cyblafb
 blacklist gx1fb
 blacklist hgafb
 blacklist i810fb
-#blacklist intelfb
+blacklist intelfb
 blacklist kyrofb
 blacklist lxfb
 blacklist matroxfb_bases
 blacklist neofb
-#blacklist nvidiafb
+blacklist nvidiafb
 blacklist pm2fb
 blacklist rivafb
 blacklist s1d13xxxfb
@@ -130,7 +131,7 @@ blacklist sisfb
 blacklist sstfb
 blacklist tdfxfb
 blacklist tridentfb
-#blacklist vesafb
+blacklist vesafb
 blacklist vfb
 blacklist viafb
 blacklist vt8623fb