UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Standard user accounts must only have Read permissions to the Active Setup\Installed Components registry key.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32282 WINRG-000001 SV-42619r2_rule High
Description
Permissions on the Active Setup\Installed Components registry key must only allow privileged accounts to add or change registry values. If standard user accounts have this capability there is a potential for programs to run with elevated privileges when a privileged user logs on to the system.
STIG Date
Windows Server 2008 R2 Domain Controller Security Technical Implementation Guide 2019-03-13

Details

Check Text ( C-66333r1_chk )
Run "Regedit".
Navigate to the following registry keys and review the permissions:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\ (64-bit systems)

If the default permissions listed below have been changed, this is a finding.

Users - Read
Administrators - Full Control
SYSTEM - Full Control
CREATOR OWNER - Special
(Special = Full Control - Subkeys only)
Fix Text (F-71721r1_fix)
Maintain the default permissions of the following registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\ (64-bit systems only)

Users - Read
Administrators - Full Control
SYSTEM - Full Control
CREATOR OWNER - Special
(Special = Full Control - Subkeys only)