Anonymous access to the registry must be restricted.

Details

The registry is integral to the function, security, and stability of the Windows system. Some processes may require anonymous access to the registry. This must be limited to properly protect the system.

Solution

Maintain the default permissions of the following registry key-

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurePipeServersWinreg

Administrators – Full
Backup Operators – Special
(Special = Query Value, Enumerate Subkeys, Notify, Read Control (effectively = Read) – This key only)
LOCAL SERVICE – Read

Supportive Information

The following resource is also helpful.

http://iasecontent.disa.mil/stigs/zip/Oct2016/U_Windows_Vista_V6R41_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.

References

800-53|AC-6(10)
CAT|I
CCI|CCI-002235
Rule-ID|SV-29594r2_rule
STIG-ID|3.030
Vuln-ID|V-1152

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles