Disallow Autoplay for non-volume devicesID: oval:org.secpod.oval:def:40327 | Date: (C)2017-04-25 (M)2023-07-04 |
Class: COMPLIANCE | Family: windows |
This policy setting disallows AutoPlay for MTP devices like cameras or phones.
If you enable this policy setting, AutoPlay is not allowed for MTP devices like cameras or phones.
If you disable or do not configure this policy setting, AutoPlay is enabled for non-volume devices.
Vulnerability:
Disabling or not configuring this setting allows AutoPlay to start and access MTP devices without user approval and may expose confidential data.
Counter Measure:
Enable this setting.
Potential Impact:
AutoPlay is not allowed for MTP devices like cameras or phones.
Fix:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\AutoPlay Policies\Disallow Autoplay for non-volume devices
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Explorer!NoAutoplayfornonVolume
Platform: |
Microsoft Windows Server 2016 |