STIGQter: STIG Summary: Microsoft DotNet Framework 4.0 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The Trust Providers Software Publishing State must be set to 0x23C00.

DISA Rule

SV-225224r615940_rule

Vulnerability Number

V-225224

Group Title

SRG-APP-000175

Rule Version

APPNET0046

Severity

CAT II

CCI(s)

• CCI-000185 - The information system, for PKI-based authentication, validates certifications by constructing and verifying a certification path to an accepted trust anchor including checking certificate status information.

Weight

10

Fix Recommendation

This fix must be performed for each user on the system.

Using regedit, change the hexadecimal value of the "HKEY_USER\[UNIQUE USER SID VALUE]\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\State" registry key to 0x23C00.

Check Contents

If the system or application being reviewed is SIPR based, this finding is NA.

This check must be performed for each user on the system.

Use regedit to locate "HKEY_USER\[UNIQUE USER SID VALUE]\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\State".

If the State value for any user is not set to the hexadecimal value of 0x23C00, this is a finding.

Vulnerability Number

V-225224

Documentable

False

Rule Version

APPNET0046

Severity Override Guidance

If the system or application being reviewed is SIPR based, this finding is NA.

This check must be performed for each user on the system.

Use regedit to locate "HKEY_USER\[UNIQUE USER SID VALUE]\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\State".

If the State value for any user is not set to the hexadecimal value of 0x23C00, this is a finding.

Check Content Reference

M

Target Key

4213

Comments