Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-63685 | WN10-CC-000210 | SV-78175r4_rule | Medium |
Description |
---|
Windows Defender SmartScreen helps protect systems from programs downloaded from the internet that may be malicious. Enabling Windows Defender SmartScreen will warn or prevent users from running potentially malicious programs. |
STIG | Date |
---|---|
Windows 10 Security Technical Implementation Guide | 2017-12-01 |
Check Text ( C-74553r2_chk ) |
---|
If the following registry values do not exist or are not configured as specified, this is a finding: v1703 of Windows 10: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\System\ Value Name: EnableSmartScreen Value Type: REG_DWORD Value: 0x00000001 (1) And Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\System\ Value Name: ShellSmartScreenLevel Value Type: REG_SZ Value: Block v1607 of Windows 10: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\System\ Value Name: EnableSmartScreen Value Type: REG_DWORD Value: 0x00000001 (1) v1511 of Windows 10: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\System\ Value Name: EnableSmartScreen Value Type: REG_DWORD Value: 0x00000002 (2) |
Fix Text (F-81313r1_fix) |
---|
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> File Explorer >> "Configure Windows Defender SmartScreen" to "Enabled" with "Warn and prevent bypass" selected. v1703 of Windows 10 includes duplicate policies for this setting. It can also be configured under Computer Configuration >> Administrative Templates >> Windows Components >> Windows Defender SmartScreen >> Explorer. v1607 of Windows 10, configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> File Explorer >> "Configure Windows SmartScreen" to "Enabled". (Selection options are not available.) v1511 of Windows 10, configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> File Explorer >> "Configure Windows SmartScreen" to "Enabled" with "Require approval from an administrator before running downloaded unknown software" selected. |