STIGQter STIGQter: STIG Summary: Windows Server 2008 R2 Member Server Security Technical Implementation Guide Version: 1 Release: 30 Benchmark Date: 26 Jul 2019: Standard user accounts must only have Read permissions to the Active Setup\Installed Components registry key.

DISA Rule

SV-42619r2_rule

Vulnerability Number

V-32282

Group Title

WINRG-000001 Active Setup\Installed Components Registry Permissions

Rule Version

WINRG-000001

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Maintain the default permissions of the following registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\ (64-bit systems only)

Users - Read
Administrators - Full Control
SYSTEM - Full Control
CREATOR OWNER - Special
(Special = Full Control - Subkeys only)

Check Contents

Run "Regedit".
Navigate to the following registry keys and review the permissions:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\ (64-bit systems)

If the default permissions listed below have been changed, this is a finding.

Users - Read
Administrators - Full Control
SYSTEM - Full Control
CREATOR OWNER - Special
(Special = Full Control - Subkeys only)

Vulnerability Number

V-32282

Documentable

False

Rule Version

WINRG-000001

Severity Override Guidance

Run "Regedit".
Navigate to the following registry keys and review the permissions:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\ (64-bit systems)

If the default permissions listed below have been changed, this is a finding.

Users - Read
Administrators - Full Control
SYSTEM - Full Control
CREATOR OWNER - Special
(Special = Full Control - Subkeys only)

Check Content Reference

M

Responsibility

System Administrator

Target Key

1823

Comments