[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-44311-9

Platform: cpe:/o:microsoft:windows_10Date: (C)2016-09-23   (M)2023-07-04



Disable: 'Shutdown: Clear virtual memory pagefile' for ClearPageFileAtShutdown This policy setting determines whether the virtual memory pagefile is cleared when the system is shut down. When this policy setting is enabled, the system pagefile is cleared each time that the system shuts down properly. If you enable this security setting, the hibernation file (Hiberfil.sys) is zeroed out when hibernation is disabled on a portable computer system. It will take longer to shut down and restart the computer, and will be especially noticeable on computers with large paging files. Counter Measure: Enable the Clear virtual memory page file when system shuts down setting. This configuration causes Windows Server 2003 to clear the page file when the computer is shut down. The amount of time that is required to complete this process depends on the size of the page file. It could be several minutes before the computer completely shuts down. Potential Impact: It will take longer to shut down and restart the server, especially on servers with large paging files. For a server with 2 gigabytes (GB) of RAM and a 2-GB paging file, this policy setting could increase the shutdown process by 20 to 30 minutes, or more. For some organizations, this downtime violates their internal service level agreements. Therefore, use caution before you implement this countermeasure in your environment.


Parameter:

[enable/disable]


Technical Mechanism:

(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity OptionsShutdown: Clear virtual memory pagefile (2) REG: HKEY_LOCAL_MACHINESystemCurrentControlSetControlSession ManagerMemory ManagementClearPageFileAtShutdown

CCSS Severity:CCSS Metrics:
CCSS Score : 4.7Attack Vector: LOCAL
Exploit Score: 1.0Attack Complexity: HIGH
Impact Score: 3.6Privileges Required: LOW
Severity: MEDIUMUser Interaction: NONE
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HScope: UNCHANGED
 Confidentiality: NONE
 Integrity: NONE
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:35422


OVAL    1
oval:org.secpod.oval:def:35422
XCCDF    4
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_10
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10
...

© SecPod Technologies