STIGQter STIGQter: STIG Summary: Microsoft Windows Server 2012/2012 R2 Domain Controller Security Technical Implementation Guide Version: 3 Release: 2 Benchmark Date: 04 May 2021:

Standard user accounts must only have Read permissions to the Active Setup\Installed Components registry key.

DISA Rule

SV-226269r569184_rule

Vulnerability Number

V-226269

Group Title

SRG-OS-000324-GPOS-00125

Rule Version

WN12-RG-000002

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Maintain the default permissions of the following registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\ (64-bit systems only)

Users - Read
Administrators - Full Control
SYSTEM - Full Control
CREATOR OWNER - Full Control (Subkeys only)
ALL APPLICATION PACKAGES - Read

Check Contents

Run "Regedit".
Navigate to the following registry keys and review the permissions:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\ (64-bit systems)

If the default permissions listed below have been changed, this is a finding.

Users - Read
Administrators - Full Control
SYSTEM - Full Control
CREATOR OWNER - Full Control (Subkeys only)
ALL APPLICATION PACKAGES - Read

Vulnerability Number

V-226269

Documentable

False

Rule Version

WN12-RG-000002

Severity Override Guidance

Run "Regedit".
Navigate to the following registry keys and review the permissions:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\ (64-bit systems)

If the default permissions listed below have been changed, this is a finding.

Users - Read
Administrators - Full Control
SYSTEM - Full Control
CREATOR OWNER - Full Control (Subkeys only)
ALL APPLICATION PACKAGES - Read

Check Content Reference

M

Target Key

4217

Comments