[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Allow users to patch elevated products

ID: oval:org.secpod.oval:def:29792Date: (C)2015-10-14   (M)2023-07-14
Class: COMPLIANCEFamily: windows




This policy setting allows users to patch elevated products. If you enable this policy setting, all users are permitted to install patches, even when the installation program is running with elevated system privileges. Patches are updates or upgrades that replace only those program files that have changed. Because patches can easily be vehicles for malicious programs, some installations prohibit their use. If you disable or do not configure this policy setting, by default, only system administrators can apply patches during installations with elevated privileges, such as installations offered on the desktop or displayed in Add or Remove Programs. This policy setting does not affect installations that run in the user's security context. By default, users can install patches to programs that run in their own security context. Also, see the 'Prohibit patching' policy setting. Fix: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Installer!Allow users to patch elevated products (2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer!AllowLockdownPatch

Platform:
Microsoft Windows 8.1
Reference:
CCE-35309-4
CPE    1
cpe:/o:microsoft:windows_8.1
CCE    1
CCE-35309-4
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_8_1

© SecPod Technologies