Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Printer share permissions must be restricted to Print for non administrators.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-1135 | 3.027 | SV-25007r2_rule | Low |
| Description |
|---|
| Improperly configured share permissions on printers can permit the addition of unauthorized print devices on the network. Windows shares are a means by which files, folders, printers, and other resources can be published for network users to remotely access. |
| STIG | Date |
|---|---|
| Windows 7 Security Technical Implementation Guide | 2018-02-12 |
Details
| Check Text ( C-60783r3_chk ) |
|---|
| Open "Devices and Printers" in Control Panel. If there are no locally attached printers, this is NA. Perform this check for each locally attached printer: Right-click on a locally attached printer. Select "Printer Properties". Select the "Sharing" tab. View whether "Share this printer" is checked. Perform this check on each printer that has the "Share this printer" selected: Select the Security tab. If any non-administrative user accounts or groups have greater than "Print", this is a finding. |
| Fix Text (F-65515r3_fix) |
|---|
| Configure the permissions on locally shared printers to ensure non administrators only have "Print". Open "Devices and Printers" in Control Panel. Right-click on a locally attached printer. Select "Printer Properties". Select the "Sharing" tab. For each printer that has the "Share this printer" selected: Select the Security tab. Assign any non-administrative user accounts or groups "Print" permission only. |