Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Standard user accounts must only have Read permissions to the Winlogon registry key.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| WN12-RG-000001 | WN12-RG-000001 | WN12-RG-000001_rule | High |
| Description |
|---|
| Permissions on the Winlogon registry key must only allow privileged accounts to change registry values. If standard users have this capability, there is a potential for programs to run with elevated privileges when a privileged user logs on to the system. |
| STIG | Date |
|---|---|
| Microsoft Windows Server 2012 Domain Controller Security Technical Implementation Guide | 2013-07-25 |
Details
| Check Text ( C-WN12-RG-000001_chk ) |
|---|
| Navigate to the following registry key and review the assigned permissions: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Standard user accounts and groups must only have Read permissions to this registry key. If any standard user accounts or groups have greater permissions, this is a finding. The default permissions satisfy this requirement. |
| Fix Text (F-WN12-RG-000001_fix) |
|---|
| Ensure only Read permissions are assigned to standard user accounts and groups for the following registry key. The default configuration satisfies this requirement. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon |