UCF STIG Viewer Logo

The Secondary Logon service must be disabled on Windows 10.


Overview

Finding ID Version Rule ID IA Controls Severity
V-220732 WN10-00-000175 SV-220732r569187_rule Medium
Description
The Secondary Logon service provides a means for entering alternate credentials, typically used to run commands with elevated privileges. Using privileged credentials in a standard user session can expose those credentials to theft.
STIG Date
Microsoft Windows 10 Security Technical Implementation Guide 2022-04-08

Details

Check Text ( C-22447r554681_chk )
Run "Services.msc".

Locate the "Secondary Logon" service.

If the "Startup Type" is not "Disabled" or the "Status" is "Running", this is a finding.
Fix Text (F-22436r554682_fix)
Configure the "Secondary Logon" service "Startup Type" to "Disabled".