[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

'Do not process the run once list' for Computer Configuration

ID: oval:org.secpod.oval:def:22958Date: (C)2015-01-07   (M)2023-07-14
Class: COMPLIANCEFamily: windows




This policy setting causes the run once list, which is the list of programs that Windows Vista runs automatically when it starts, to be ignored. This policy setting differs from the Do not process the legacy run list setting in that programs on this list will run once the next time the client computer restarts and an administrator logs on. Setup and installation programs are sometimes added to this list to complete installations after a client computer restarts. If you enable this policy setting, attackers generally cannot use the run once list to launch rogue applications, which was a common method of attack in the past. A malicious user can exploit the run once list to install a program that may compromise the security of Windows Vista?based client computers, however since editing this list requires administrator privileges the importance of configuring this setting is not high. This policy setting controls the default behavior of the AutoPlay setting. Fix: (1) GPO: Computer Configuration\Administrative Templates\System\Logon!Do not process the run once list (2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer!DisableLocalMachineRunOnce

Platform:
Microsoft Windows Server 2012 R2
Reference:
CCE-36748-2
CPE    1
cpe:/o:microsoft:windows_server_2012::r2:x64
CCE    1
CCE-36748-2
XCCDF    9
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2012_R2
xccdf_org.secpod_benchmark_SecPod_Windows_2012_R2
xccdf_org.secpod_benchmark_SecPod_Windows_Server_2012_R2
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_2012_R2
...

© SecPod Technologies