CCE-45492-6Platform: cpe:/o:microsoft:windows_server_2016 | Date: (C)2017-08-03 (M)2023-07-04 |
This AppLocker rules blocks everyone from using Internet Explorer.
This setting is configured by using an XML blob that is store in the registry setting for this setting. You can obtain the XML blob by configuring the desired setting in the Local Group Policy console and then retrieving the blob from the registry setting.
Vulnerability:
A malicious agent could run malware by using Internet Explorer.
Counter Measure:
Disable the use of Internet Explorer on domain controllers for everyone.
Potential Impact:
Depending on configuration, users will be unable to use Internet Explorer.
Fix:
(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsApplication Control PoliciesAppLockerExecutable RulesAppLocker: Executable Rules: Block Internet Explorer (Deny Everyone)
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsSrpV2Exe881d54fe-3848-4d6a-95fd-42d48ebe60b8!Value
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Application Control Policies\AppLocker\Executable Rules\AppLocker: Executable Rules: Block Internet Explorer (Deny Everyone)
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\SrpV2\Exe\881d54fe-3848-4d6a-95fd-42d48ebe60b8!Value
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.5 | Attack Vector: NETWORK |
Exploit Score: 1.6 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: LOW |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:40341 |