Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The system is configured to automatically forward error information.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3471 | 3.083 | SV-29284r1_rule | ECSC-1 | Medium |
| Description |
|---|
| This setting controls the reporting of errors to Microsoft and, if defined, a corporate error reporting site. This does not interfere with the reporting of errors to the local user. Since the contents of memory are included in this Error Report, sensitive information may be transmitted to Microsoft. This feature should be disabled to prevent the release of such information. |
| STIG | Date |
|---|---|
| Windows 2003 Domain Controller Security Technical Implementation Guide | 2013-07-03 |
Details
| Check Text ( C-208r1_chk ) |
|---|
| If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Subkey: \Software\Policies\Microsoft\PCHealth\ErrorReporting\ Value Name: DoReport Type: REG_DWORD Value: 0 Documentable Explanation: This setting may be enabled, if the site has configured the options to send the report to a local error reporting server: Computer Configuration -> Administrative Templates -> System -> Error Reporting ,”Configure Error Reporting”. Document the requirement with the IAO. |
| Fix Text (F-34260r1_fix) |
|---|
| Configure the policy value for Computer Configuration -> Administrative Templates -> System -> Internet Communication Management -> Internet Communication settings-> “Turn off Windows Error Reporting” to “Enabled”. |