Force specific screen saver This policy setting allows you to manage whether or not screen savers run. If the Screen Saver setting is disabled screen savers do not run and the screen saver section of the Screen Saver tab in Display in Control Panel is disabled. If this setting is enabled a screen saver will run if the following two conditions are met: first, that a valid screen saver is specified on the client via the Screen Saver Executable Name group policy setting or Control Panel on the client. Second, the screensaver timeout is set to a value greater than zero via the Screen Saver Timeout group policy setting or Control Panel on the client. Counter Measure: Configure this policy setting to Enabled so that when the other screen saver settings are implemented the risk of a user's desktop session being hijacked by a passerby is reduced. Potential Impact: The screen saver will automatically activate when the computer has been unattended for the amount of time specified by the Screen Saver timeout setting.

(1) GPO: User Configuration\Administrative Templates\Control Panel\Personalization\Force specific screen saver (2) REG: HKEY_USERS\Software\Policies\Microsoft\Windows\Control Panel\Desktop\SCRNSAVE.EXE (3) WMI: ###