[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-3217-7

Platform: cpe:/o:microsoft:windows_vistaDate: (C)2012-03-13   (M)2023-07-04



This policy setting allows you to turn on or turn off Offer (Unsolicited) Remote Assistance on this computer. If you enable this policy setting, users on this computer can get help from their corporate technical support staff using Offer (Unsolicited) Remote Assistance. If you disable this policy setting, users on this computer cannot get help from their corporate technical support staff using Offer (Unsolicited) Remote Assistance. If you do not configure this policy setting, users on this computer cannot get help from their corporate technical support staff using Offer (Unsolicited) Remote Assistance. If you enable this policy setting, you have two ways to allow helpers to provide Remote Assistance: "Allow helpers to only view the computer" or "Allow helpers to remotely control the computer." When you configure this policy setting, you also specify the list of users or user groups that are allowed to offer remote assistance. To configure the list of helpers, click "Show." In the window that opens, you can enter the names of the helpers. Add each user or group one by one. When you enter the name of the helper user or user groups, use the following format: or If you enable this policy setting, you should also enable firewall exceptions to allow Remote Assistance communications. The firewall exceptions required for Offer (Unsolicited) Remote Assistance depend on the version of Windows you are running. Windows Vista and later Enable the Remote Assistance exception for the domain profile. The exception must contain: Port 135:TCP %WINDIR%System32msra.exe %WINDIR%System32 aserver.exe Windows XP with Service Pack 2 (SP2) and Windows XP Professional x64 Edition with Service Pack 1 (SP1) Port 135:TCP %WINDIR%PCHealthHelpCtrBinariesHelpsvc.exe %WINDIR%PCHealthHelpCtrBinariesHelpctr.exe %WINDIR%System32Sessmgr.exe For computers running Windows Server 2003 with Service Pack 1 (SP1) Port 135:TCP %WINDIR%PCHealthHelpCtrBinariesHelpsvc.exe %WINDIR%PCHealthHelpCtrBinariesHelpctr.exe Allow Remote Desktop Exception Fix: (1) GPO: Computer ConfigurationAdministrative TemplatesSystemRemote AssistanceOffer Remote Assistance (2) REG: HKEY_LOCAL_MACHINESoftwarepoliciesMicrosoftWindows NTTerminal Services!fAllowUnsolicited (2) REG: HKEY_LOCAL_MACHINESoftwarepoliciesMicrosoftWindows NTTerminal Services!fAllowUnsolicitedFullControl


Parameter:

[enabled/disabled, enabled/disabled]


Technical Mechanism:

(1) GPO: Computer Configuration\Administrative Templates\System\Remote Assistance\Offer Remote Assistance (2) REG: HKEY_LOCAL_MACHINE\Software\policies\Microsoft\Windows NT\Terminal Services!fAllowUnsolicited (2) REG: HKEY_LOCAL_MACHINE\Software\policies\Microsoft\Windows NT\Terminal Services!fAllowUnsolicitedFullControl

CCSS Severity:CCSS Metrics:
CCSS Score : 8.8Attack Vector: NETWORK
Exploit Score: 2.8Attack Complexity: LOW
Impact Score: 5.9Privileges Required: LOW
Severity: HIGHUser Interaction: NONE
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:gov.nist.usgcb.vista:def:6563
BITS Shared Assessments SIG v6.0BITS Shared Assessments SIG v6.0
Jericho ForumJericho Forum
HIPAA/HITECH ActHIPAA/HITECH Act
FedRAMP Security Controls(Final Release Jan 2012)--LOW IMPACT LEVEL--FedRAMP Security Controls(Final Release Jan 2012)--LOW IMPACT LEVEL--
ISO/IEC 27001-2005ISO/IEC 27001-2005
COBIT 4.1COBIT 4.1
GAPP (Aug 2009)GAPP (Aug 2009)
NERC CIPNERC CIP
NIST SP800-53 R3NIST SP800-53 R3 AC-1
NIST SP800-53 R3NIST SP800-53 R3 CM-6
PCIDSS v2.0PCIDSS v2.0
FedRAMP Security Controls(Final Release Jan 2012)--MODERATE IMPACT LEVEL--FedRAMP Security Controls(Final Release Jan 2012)--MODERATE IMPACT LEVEL--
BITS Shared Assessments AUP v5.0BITS Shared Assessments AUP v5.0


OVAL    1
oval:gov.nist.usgcb.vista:def:6563
XCCDF    6
xccdf_pci_benchmark_Windows_vista
xccdf_org.secpod_benchmark_hipaa_windows_vista
xccdf_org.secpod_benchmark_nerc_cip_Windows_Vista
xccdf_org.secpod_benchmark_nist_windows_vista
...

© SecPod Technologies