CCE-42503-3Platform: cpe:/o:microsoft:windows_10 | Date: (C)2016-09-23 (M)2023-07-04 |
Disable: 'Block launching Windows Store apps with Windows Runtime API access from hosted content.'
This policy setting controls whether Windows Store apps with Windows Runtime API access directly from web content can be launched.
If you enable this policy setting, Windows Store apps with Windows Runtime API access directly from web content cannot be launched; Windows Store apps without Windows Runtime API access from web content are not affected.
If you disable or do not configure this policy setting, all Windows Store apps can be launched.
Counter Measure:
Enable and configure this setting.
Potential Impact:
Windows Store apps with Windows Runtime API access directly from web content cannot be launched.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsApp runtimeBlock launching Windows Store apps with Windows Runtime API access from hosted content.
(2) REG: HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystemBlockHostedAppAccessWinRT
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.5 | Attack Vector: NETWORK |
Exploit Score: 1.6 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: HIGH | User Interaction: REQUIRED |
Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35118 |