[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

User Account Control: Virtualize file and registry write failures to per-user locations

ID: oval:org.secpod.oval:def:40235Date: (C)2017-04-25   (M)2023-05-09
Class: COMPLIANCEFamily: windows




This policy setting controls whether application write failures are redirected to defined registry and file system locations. This policy setting mitigates applications that run as administrator and write run-time application data to %ProgramFiles%, %Windir%, %Windir%\system32, or HKLM\Software. The options are: - Enabled: (Default) Application write failures are redirected at run time to defined user locations for both the file system and registry. - Disabled: Applications that write data to protected locations fail. Vulnerability: This setting reduces vulnerabilities by ensuring that legacy applications only write data to permitted locations. Counter Measure: Enable the User Account Control: Virtualize file and registry write failures to per-user locations setting. Potential Impact: None. This is the default configuration. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\User Account Control: Virtualize file and registry write failures to per-user locations (2) REG: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System!EnableVirtualization

Platform:
Microsoft Windows Server 2016
Reference:
CCE-47157-3
CPE    1
cpe:/o:microsoft:windows_server_2016:::x64
CCE    1
CCE-47157-3
XCCDF    5
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_Server_2016
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2016
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2016
xccdf_org.secpod_benchmark_general_Windows_Server_2016
...

© SecPod Technologies