CCE-33869-9Platform: cpe:/o:microsoft:windows_8.1 | Date: (C)2015-10-14 (M)2023-07-04 |
Turn on raw volume write notifications
This policy setting controls whether raw volume write notifications are sent to behavior monitoring.
If you enable or do not configure this setting, raw write notifications will be enabled.
If you disable this setting, raw write notifications be disabled.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsWindows DefenderReal-time Protection!Turn on raw volume write notifications
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindows DefenderReal-Time Protection!DisableRawWriteNotification
CCSS Severity: | CCSS Metrics: |
CCSS Score : 4.4 | Attack Vector: LOCAL |
Exploit Score: 1.8 | Attack Complexity: LOW |
Impact Score: 2.5 | Privileges Required: LOW |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L | Scope: UNCHANGED |
| Confidentiality: LOW |
| Integrity: NONE |
| Availability: LOW |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:29107 |