Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-43312 | WN08-GE-000053 | SV-56065r1_rule | ECSC-1 | Medium |
Description |
---|
Applications must be updated as flaws are identified and remediations are made available. The default method for updating Windows 8 apps is through the Windows Store, which is required to be blocked. An alternate method must be used to maintain the default Windows 8 apps with the latest security updates if they are allowed on a system. |
STIG | Date |
---|---|
Windows 8 / 8.1 Security Technical Implementation Guide | 2014-04-02 |
Check Text ( C-49288r3_chk ) |
---|
This requirement is NA for the initial release of Windows 8, which does not include the default Scan app. It is applicable to Windows 8.1. Verify the default Scan app has been patched with the latest security updates or removed from the system. Open a command prompt as an administrator. Enter "dism /online /Get-ProvisionedAppxPackages". If "DisplayName : Microsoft.WindowsScan" is listed and is not being updated with the latest security patches, this is a finding. The "PackageName" field will identify the version installed. This will need to be compared with the latest security updates from Microsoft. |
Fix Text (F-48895r3_fix) |
---|
This requirement is NA for the initial release of Windows 8, which does not include the default Scan app. It is applicable to Windows 8.1. Maintain the Scan app with the latest security patches or remove it from the system. Microsoft provides security updates to default provisioned apps through the Windows Update Catalog for WSUS or as MSI files, as an alternate method to the Windows Store for updating. To remove the Scan app from the system: Open a command prompt as an administrator. Enter "dism /online /Get-ProvisionedAppxPackages". Make note of the PackageName (e.g., Microsoft.WindowsScan_2013.822.1832.4879_neutral_~_8wekyb3d8bbwe). Enter the following to remove the app package from the system: "dism /online /Remove-ProvisionedAppxPackage /PackageName:packagename", substituting "packagename" noted from the previous step. Uninstall the application from any user profiles provisioned prior to this. |