CCE-42217-0Platform: cpe:/o:microsoft:windows_10 | Date: (C)2016-09-23 (M)2023-07-04 |
Disable: 'Enable headless UI mode'
This policy setting allows you to configure whether or not to display AM UI to the users.
If you enable this setting AM UI won't be available to users.
Counter Measure:
Configure this setting depending on your organization's requirements.
Potential Impact:
Users are able to access the AM UI during the boot process.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsWindows DefenderClient InterfaceEnable headless UI mode
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindows DefenderUX ConfigurationUILockdown
CCSS Severity: | CCSS Metrics: |
CCSS Score : 5.5 | Attack Vector: LOCAL |
Exploit Score: 1.8 | Attack Complexity: LOW |
Impact Score: 3.6 | Privileges Required: LOW |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: NONE |
| Availability: NONE |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35076 |