[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99536

 
 

909

 
 

80128

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

User Account Control: Only elevate UIAccess applications that are installed in secure locations

ID: oval:org.secpod.oval:def:23053Date: (C)2015-01-07   (M)2017-10-31
Class: COMPLIANCEFamily: windows




This policy setting controls whether applications that request to run with a User Interface Accessibility (UIAccess) integrity level must reside in a secure location in the file system. Secure locations are limited to the following: - ?\Program Files\, including subfolders - ?\Windows\system32\ - ?\Program Files (x86)\, including subfolders for 64-bit versions of Windows Note: Windows enforces a public key infrastructure (PKI) signature check on any interactive application that requests to run with a UIAccess integrity level regardless of the state of this security setting. The options are: - Enabled: (Default) If an application resides in a secure location in the file system, it runs only with UIAccess integrity. - Disabled: An application runs with UIAccess integrity even if it does not reside in a secure location in the file system. This policy setting controls whether applications that request to run with a User Interface Accessibility (UIAccess) integrity level must reside in a secure location in the file system. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options!User Account Control: Only elevate UIAccess applications that are installed in secure locations (2) REG: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System!EnableSecureUIAPaths

Platform:
Microsoft Windows Server 2012 R2
Reference:
CCE-37057-7
CPE    1
cpe:/o:microsoft:windows_server_2012::r2:x64
CCE    1
CCE-37057-7
XCCDF    6
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2012_R2
xccdf_org.secpod_benchmark_general_Windows_2012_R2
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_2012_R2
xccdf_org.secpod_benchmark_PCI_Windows_2012_R2
...

© 2013 SecPod Technologies