CCE-47758-8Platform: cpe:/o:microsoft:windows_server_2016 | Date: (C)2022-09-02 (M)2023-07-04 |
This policy setting determines whether Windows is allowed to download fonts and font catalog data from an online font provider.
If you enable this policy setting, Windows periodically queries an online font provider to determine whether a new font catalog is available. Windows may also download font data if needed to format or render text.
If you disable this policy setting, Windows does not connect to an online font provider and only enumerates locally-installed fonts.
If you do not configure this policy setting, the default behavior depends on the Windows edition. Changes to this policy take effect on reboot.
Fix:
(1) GPO: Computer ConfigurationAdministrative TemplatesNetworkFontsEnable Font Providers
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsSystem!EnableFontProviders
Parameter:
[enabled/disabled]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Network\Fonts\Enable Font Providers
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\System!EnableFontProviders
CCSS Severity: | CCSS Metrics: |
CCSS Score : 6.3 | Attack Vector: LOCAL |
Exploit Score: 0.8 | Attack Complexity: HIGH |
Impact Score: 5.5 | Privileges Required: LOW |
Severity: MEDIUM | User Interaction: REQUIRED |
Vector: AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: LOW |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:83692 |