[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110210

 
 

909

 
 

86021

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-45960-2

Platform: win2016Date: (C)2017-08-03   (M)2018-07-10



"Load and unload device drivers" This policy setting allows users to dynamically load a new device driver on a system. An attacker could potentially use this capability to install malicious code that appears to be a device driver. This user right is required for users to add local printers or printer drivers in Windows Vista. When configuring a user right in the SCM enter a comma delimited list of accounts. Accounts can be either local or located in Active Directory, they can be groups, users, or computers. Vulnerability: Device drivers run as highly privileged code. A user who has the Load and unload device drivers user right could unintentionally install malicious code that masquerades as a device driver. Administrators should exercise greater care and install only drivers with verified digital signatures. Counter Measure: Do not assign the Load and unload device drivers user right to any user or group other than Administrators on member servers. On domain controllers, do not assign this user tight to any user or group other than Domain Admins. Potential Impact: If you remove the Load and unload device drivers user right from the Print Operators group or other accounts you could limit the abilities of users who are assigned to specific administrative roles in your environment. You should ensure that delegated tasks will not be negatively affected.


Parameter:


Technical Mechanism: Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment (2) REG: No Registry Info

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:40268


OVAL    1
oval:org.secpod.oval:def:40268
XCCDF    4
xccdf_org.secpod_benchmark_general_Windows_Server_2016
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_Server_2016
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2016
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2016
...

© SecPod Technologies