CCE-43114-8Platform: cpe:/o:microsoft:windows_10 | Date: (C)2016-09-23 (M)2023-07-04 |
Select the 'Configure Windows SmartScreen' for EnableSmartScreen to turn_off_smartscreen
This policy setting allows you to manage the behavior of Windows SmartScreen. Windows SmartScreen helps keep PCs safer by warning users before running unrecognized programs downloaded from the Internet. Some information is sent to Microsoft about files and programs run on PCs with this feature enabled.
If you enable this policy setting, Windows SmartScreen behavior may be controlled by setting one of the following options:
- Require approval from an administrator before running downloaded unknown software
- Give user a warning before running downloaded unknown software
- Turn off SmartScreen
If you disable or do not configure this policy setting, Windows SmartScreen behavior is managed by administrators on the PC by using Windows SmartScreen Settings in Action Center.
Options:
- Require approval from an administrator before running downloaded unknown software
- Give user a warning before running downloaded unknown software
- Turn off SmartScreen
Counter Measure:
The most restrictive configuration for this policy setting is to enable it and select the "Require approval from an administrator before running downloaded unknown software" option.
Potential Impact:
If you enable this policy setting, Windows SmartScreen behavior may be controlled by setting one of the following options:
- Require approval from an administrator before running downloaded unknown software
- Give user a warning before running downloaded unknown software
- Turn off SmartScreen
If you disable or do not configure this policy setting, Windows SmartScreen behavior is managed by administrators on the PC by using Windows SmartScreen Settings in Action Center."
Parameter:
[enable/disable, Warn and prevent bypass/Warn]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsFile ExplorerConfigure Windows SmartScreen
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsSystemEnableSmartScreen
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.0 | Attack Vector: LOCAL |
Exploit Score: 1.0 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: LOW |
Severity: HIGH | User Interaction: NONE |
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35233 |