Details

Improperly configured share permissions on printers can permit the addition of unauthorized print devices on the network. Windows shares are a means by which files, folders, printers, and other resources can be published for network users to remotely access. Regular users cannot create shares on their local machines; only Administrators and Power Users have that ability.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configure the permissions on locally shared printers to meet the minimum requirements.

Supportive Information

The following resource is also helpful.

• http://iasecontent.disa.mil/stigs/zip/Oct2016/U_Windows_Vista_V6R41_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.

References

• 800-53|AC-3
• CAT|III
• CCI|CCI-000213
• Rule-ID|SV-29510r1_rule
• STIG-ID|3.027
• Vuln-ID|V-1135

Source

• Tenable.com/audits