CCE-33958-0Platform: cpe:/o:microsoft:windows_8.1 | Date: (C)2015-10-14 (M)2023-07-04 |
Devices: Prevent users from installing printer drivers
It is feasible for a attacker to disguise a Trojan horse program as a printer driver. The program may appear to users as if they must use it to print, but such a program could unleash malicious code on your computer network. To reduce the possibility of such an event, only administrators should be allowed to install printer drivers. However, because laptops are mobile devices, laptop users may occasionally need to install a printer driver from a remote source to continue their work. Therefore, this policy setting should be disabled for laptop users, but always enabled for desktop users.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options!Devices: Prevent users from installing printer drivers
(2) REG: HKEY_LOCAL_MACHINESystemCurrentControlSetControlPrintProvidersLanMan Print ServicesServers!AddPrinterDrivers
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.8 | Attack Vector: LOCAL |
Exploit Score: 1.8 | Attack Complexity: LOW |
Impact Score: 5.9 | Privileges Required: LOW |
Severity: HIGH | User Interaction: NONE |
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:29185 |