CCE-43893-7Platform: cpe:/o:microsoft:windows_10 | Date: (C)2016-09-23 (M)2023-07-04 |
Disable: 'Configure local setting override to turn off Intrusion Prevention System'
This policy setting configures a local override for the configuration of network protection against exploits of known vulnerabilities. This setting can only be set by Group Policy.
If you enable this setting, the local preference setting will take priority over Group Policy.
If you disable or do not configure this setting, Group Policy will take priority over the local preference setting.
Counter Measure:
Configure this setting depending on your organization's requirements.
Potential Impact:
If you enable this setting, local settings will override Group Policy and may not be as secure as the Group Policy settings.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsWindows DefenderReal-time ProtectionConfigure local setting override to turn off Intrusion Prevention System
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindows DefenderReal-Time ProtectionLocalSettingOverrideDisableIntrusionPreventionSystem
CCSS Severity: | CCSS Metrics: |
CCSS Score : 5.3 | Attack Vector: NETWORK |
Exploit Score: 3.9 | Attack Complexity: LOW |
Impact Score: 1.4 | Privileges Required: NONE |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | Scope: UNCHANGED |
| Confidentiality: LOW |
| Integrity: NONE |
| Availability: NONE |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35344 |