ACLS FOR SYSTEM FILES AND DIRECTORIES DO NOT CONFORM TO MINIMUM REQUIREMENTS. – ‘C:Program Files’

Details

Failure to properly configure file and directory permissions (ACLs) allows the possibility of unauthorized and anonymous modification to the operating system and installed applications.

Solution

Maintain the default file ACLs, configure the Security Option- ‘Network access- Let everyone permissions apply to anonymous users’ to ‘Disabled’ (V-3377) and restrict the Power Users group to include no members.

Supportive Information

The following resource is also helpful.

http://iasecontent.disa.mil/stigs/zip/Oct2016/U_Windows_Vista_V6R41_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.

References

800-53|AC-3(4)
CAT|II
CCI|CCI-002165
CSCv6|3.1
Rule-ID|SV-16968r1_rule
STIG-ID|2.006
Vuln-ID|V-1130

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles