Details
Enables remote users to modify registry settings on this computer.
The recommended state for this setting is: Disabled.
Rationale:
In a high security environment, exposing the registry to remote access is an increased security risk.
Impact:
The registry can be modified only by users on the computer.
Note: Many remote administration tools, such as System Center Configuration Manager (SCCM), require the Remote Registry service to be operational for remote management. In addition, many vulnerability scanners use this service to access the registry remotely.
Solution
To establish the recommended configuration via GP, set the following UI path to: Disabled.
Computer ConfigurationPoliciesWindows SettingsSecurity SettingsSystem ServicesRemote Registry
Default Value:
Windows 7: Manual
Windows 8.0 and newer: Disabled
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.