CCE-45257-3Platform: cpe:/o:microsoft:windows_server_2016 | Date: (C)2017-08-03 (M)2023-07-04 |
This policy setting configures behavior of samples submission when opt-in for MAPS telemetry is set.
Possible options are:
(0x0) Always prompt
(0x1) Send safe samples automatically
(0x2) Never send
(0x3) Send all samples automatically
Vulnerability:
Enabling or not configuring this setting may automatically send potentially confidential data to Microsoft, which may be contrary to your organization's security requirements.
Counter Measure:
Configure this setting depending on your organization's requirements.
Potential Impact:
Depending on configuration, MAPS telemetry data is either sent or not sent.
Fix:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsWindows DefenderMAPSSend file samples when further analysis is required
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindows DefenderSpynet!SubmitSamplesConsent
Parameter:
[always prompt/send safe samples/never send/send all samples]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Defender\MAPS\Send file samples when further analysis is required
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Spynet!SubmitSamplesConsent
CCSS Severity: | CCSS Metrics: |
CCSS Score : 5.9 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 3.6 | Privileges Required: NONE |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: NONE |
| Availability: NONE |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:40192 |