[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-33385-6

Platform: cpe:/o:microsoft:windows_8.1Date: (C)2015-10-14   (M)2023-07-04



Allow .rdp files from valid publishers and user's default .rdp settings This policy setting allows you to specify whether users can run Remote Desktop Protocol (.rdp) files from a publisher that signed the file with a valid certificate. A valid certificate is one that is issued by an authority recognized by the client, such as the issuers in the client's Third-Party Root Certification Authorities certificate store. This policy setting also controls whether the user can start an RDP session by using default .rdp settings (for example, when a user directly opens the Remote Desktop Connection [RDC] client without specifying an .rdp file). If you enable or do not configure this policy setting, users can run .rdp files that are signed with a valid certificate. Users can also start an RDP session with default .rdp settings by directly opening the RDC client. When a user starts an RDP session, the user is asked to confirm whether they want to connect. If you disable this policy setting, users cannot run .rdp files that are signed with a valid certificate. Additionally, users cannot start an RDP session by directly opening the RDC client and specifying the remote computer name. When a user tries to start an RDP session, the user receives a message that the publisher has been blocked. Note: You can define this policy setting in the Computer Configuration node or in the User Configuration node. If you configure this policy setting for the computer, all users on the computer are affected.


Parameter:

[enable/disable]


Technical Mechanism:

(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Connection Client!Allow .rdp files from valid publishers and user's default .rdp settings (2) REG: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows NTTerminal Services!AllowSignedFiles

CCSS Severity:CCSS Metrics:
CCSS Score : 7.8Attack Vector: LOCAL
Exploit Score: 1.8Attack Complexity: LOW
Impact Score: 5.9Privileges Required: NONE
Severity: HIGHUser Interaction: REQUIRED
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:28854


OVAL    1
oval:org.secpod.oval:def:28854
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_8_1

© SecPod Technologies