CCE-47339-7Platform: cpe:/o:microsoft:windows_server_2016 | Date: (C)2017-08-03 (M)2023-07-04 |
Disables the lock screen slide show settings in PC Settings and prevents a slide show from playing on the lock screen.
By default, users can enable a slide show that will run after they lock the machine.
If you enable this setting, users will no longer be able to modify slide show settings in PC Settings, and no slide show will ever start.
Vulnerability:
This may allow a malicious agent to access the slide show that may have confidential information.
Counter Measure:
Enable this policy setting and users cannot access the slide show from a locked state.
Potential Impact:
Users must unlock the device to access and run the screen slide show.
Fix:
(1) GPO: Computer ConfigurationAdministrative TemplatesControl PanelPersonalizationPrevent enabling lock screen slide show
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsPersonalization!NoLockScreenSlideshow
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Control Panel\Personalization\Prevent enabling lock screen slide show
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Personalization!NoLockScreenSlideshow
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.4 | Attack Vector: LOCAL |
Exploit Score: 1.4 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:40336 |