[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Block launching desktop apps associated with a protocol

ID: oval:org.secpod.oval:def:29211Date: (C)2015-10-14   (M)2023-07-14
Class: COMPLIANCEFamily: windows




This policy setting allows you to minimize the risk involved when a packaged app launches the default app for a protocol. Because desktop apps run at a higher integrity level than packaged apps, there is a risk that a protocol launched by a packaged app could compromise the system by launching a desktop app. If you enable this policy setting, Windows prevents packaged apps from launching protocols that would be passed to a desktop app. When you enable this policy setting, packaged apps may only launch protocols that can be passed to another packaged app. If you disable or do not configure this policy setting, packaged apps could launch protocols that would be passed to a desktop app. Note: Enabling this policy setting will not block packaged apps from launching http, https, and mailto protocols that would be passed to a desktop app. The handlers for these protocols are accustomed to handling data from untrusted sources and are therefore hardened against protocol based vulnerabilities. The risk of allowing these protocols to be passed to a desktop app is minimal. Fix: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\App runtime!Block launching desktop apps associated with a protocol (2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Associations!BlockProtocolElevation

Platform:
Microsoft Windows 8.1
Reference:
CCE-34024-0
CPE    1
cpe:/o:microsoft:windows_8.1
CCE    1
CCE-34024-0
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_8_1

© SecPod Technologies