[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

115228

 
 

909

 
 

90132

 
 

140

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-47157-3

Platform: win2016Date: (C)2017-08-03   (M)2018-07-10



"User Account Control: Virtualize file and registry write failures to per-user locations" This policy setting controls whether application write failures are redirected to defined registry and file system locations. This policy setting mitigates applications that run as administrator and write run-time application data to %ProgramFiles%, %Windir%, %Windir%\system32, or HKLM\Software. The options are: - Enabled: (Default) Application write failures are redirected at run time to defined user locations for both the file system and registry. - Disabled: Applications that write data to protected locations fail. Vulnerability: This setting reduces vulnerabilities by ensuring that legacy applications only write data to permitted locations. Counter Measure: Enable the User Account Control: Virtualize file and registry write failures to per-user locations setting. Potential Impact: None. This is the default configuration.


Parameter: EnableVirtualization


Technical Mechanism: Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options (2) REG: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System!EnableVirtualization

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:40235


OVAL    1
oval:org.secpod.oval:def:40235
XCCDF    5
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2016
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2016
xccdf_org.secpod_benchmark_general_Windows_Server_2016
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_Server_2016
...

© SecPod Technologies