[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-32958-1

Platform: cpe:/o:microsoft:windows_8.1Date: (C)2015-10-14   (M)2023-07-04



Prohibit removal of updates This setting controls the ability for users or administrators to remove Windows Installer based updates. This setting should be used if you need to maintain a tight control over updates. One example is a lockdown environment where you want to ensure that updates once installed cannot be removed by users or administrators. If you enable this policy setting, updates cannot be removed from the computer by a user or an administrator. The Windows Installer can still remove an update that is no longer applicable to the product. If you disable this policy setting, a user can remove an update from the computer only if the user has been granted privileges to remove the update. This can depend on whether the user is an administrator, whether Disable Windows Installer and Always install with elevated privileges policy settings are set, and whether the update was installed in a per-user managed, per-user unmanaged, or per-machine context.


Parameter:

[enable/disable]


Technical Mechanism:

(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsWindows Installer!Prohibit removal of updates (2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsInstaller!DisablePatchUninstall

CCSS Severity:CCSS Metrics:
CCSS Score : 8.1Attack Vector: NETWORK
Exploit Score: 2.2Attack Complexity: HIGH
Impact Score: 5.9Privileges Required: NONE
Severity: HIGHUser Interaction: NONE
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:28663


OVAL    1
oval:org.secpod.oval:def:28663
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_8_1

© SecPod Technologies