A non-administrator account must not have administrator rights on the system.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| WN08-GE-000009 | WN08-GE-000009 | WN08-GE-000009_rule | Medium |
| Description |
|---|
| An account that does not have administrator duties must not have administrator rights. Such rights would allow the account to bypass or modify required security restrictions on that machine and make it vulnerable to attack from both internal and external sources. |
| STIG | Date |
|---|---|
| Windows 8 Security Technical Implementation Guide | 2012-11-21 |
Details
| Check Text ( C-WN08-GE-000009_chk ) |
|---|
| Review the Administrators group in Computer Management. Compare the members with the site's list of authorized administrators. If an account without administrator duties is a member of the Administrators group, this is a finding. |
| Fix Text (F-WN08-GE-000009_fix) |
|---|
| Include only accounts with administrative duties in the Administrator group. Remove any unauthorized members from the Administrator group. Update the list of authorized administrators as appropriate. |