Print driver Installation privilege is not restricted to administrators.

Details

By default, the print spooler allows any user to add and to delete printer drivers on the local system. This capability should be restricted to authorized personnel.

Solution

Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> ‘Devices- Prevent users from installing printer drivers’ to ‘Enabled’.

Supportive Information

The following resource is also helpful.

http://iasecontent.disa.mil/stigs/zip/Oct2016/U_Windows_Vista_V6R41_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

800-53|CM-11(2)
CAT|III
CCI|CCI-001812
CSCv6|5.1
Rule-ID|SV-29009r1_rule
STIG-ID|3.029
Vuln-ID|V-1151

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles