AppLocker: Executable Rules: (Default Rule) All files located in the Windows folderID: oval:org.secpod.oval:def:40344 | Date: (C)2017-04-25 (M)2023-05-09 |
Class: COMPLIANCE | Family: windows |
Allow all users to run executable files in the Windows folder.
This setting is configured by using an XML blob that is store in the registry setting for this setting. You can obtain the XML blob by configuring the desired setting in the Local Group Policy console and then retrieving the blob from the registry setting.
Vulnerability:
A malicious agent could run unauthorized programs and software.
Counter Measure:
Configure this policy to allow all users to run all files located in the Windows folder.
Potential Impact:
Depending on configuration, users may be unable to run specific applications.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Application Control Policies\AppLocker\Executable Rules\AppLocker: Executable Rules: (Default Rule) All files located in the Windows folder
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\SrpV2\Exe\a61c8b2c-a319-4cd0-9690-d2177cad7b51!Value
Platform: |
Microsoft Windows Server 2016 |