Details
This service runs in session 0 and hosts the notification platform and connection provider which handles the connection between the device and WNS server.
The recommended state for this setting is: Disabled.
Note: In the first two releases of Windows 10 (R1507 & R1511), the display name of this service was initially named Windows Push Notifications Service – but it was renamed to Windows Push Notifications System Service starting with Windows 10 R1607.
Rationale:
Windows Push Notification Services (WNS) is a mechanism to receive 3rd-party notifications and updates from the cloud/Internet. In a high security environment, external systems, especially those hosted outside the organization, should be prevented from having an impact on the secure workstations.
Impact:
Live Tiles and other features will not get live updates.
Solution
To establish the recommended configuration via GP, set the following UI path to: Disabled.
Computer ConfigurationPoliciesWindows SettingsSecurity SettingsSystem ServicesWindows Push Notifications System Service
Default Value:
Automatic
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.