UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Standard user accounts must only have Read permissions to the Active Setup\Installed Components registry key.


Overview

Finding ID Version Rule ID IA Controls Severity
V-226269 WN12-RG-000002 SV-226269r569184_rule High
Description
Permissions on the Active Setup\Installed Components registry key must only allow privileged accounts to add or change registry values. If standard user accounts have these permissions, there is a potential for programs to run with elevated privileges when a privileged user logs on to the system.
STIG Date
Microsoft Windows Server 2012/2012 R2 Domain Controller Security Technical Implementation Guide 2021-03-05

Details

Check Text ( C-27971r476651_chk )
Run "Regedit".
Navigate to the following registry keys and review the permissions:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\ (64-bit systems)

If the default permissions listed below have been changed, this is a finding.

Users - Read
Administrators - Full Control
SYSTEM - Full Control
CREATOR OWNER - Full Control (Subkeys only)
ALL APPLICATION PACKAGES - Read
Fix Text (F-27959r476652_fix)
Maintain the default permissions of the following registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\ (64-bit systems only)

Users - Read
Administrators - Full Control
SYSTEM - Full Control
CREATOR OWNER - Full Control (Subkeys only)
ALL APPLICATION PACKAGES - Read