Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-3471 | 3.083 | SV-32347r1_rule | ECSC-1 | Medium |
Description |
---|
This setting controls the reporting of errors to Microsoft and, if defined, a corporate error reporting site. This does not interfere with the reporting of errors to the local user. Since the contents of memory are included in this Error Report, sensitive information may be transmitted to Microsoft. This feature should be disabled to prevent the release of such information. |
STIG | Date |
---|---|
Windows Server 2008 R2 Member Server Security Technical Implementation Guide | 2012-08-28 |
Check Text ( C-39115r1_chk ) |
---|
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Subkey: \Software\Policies\Microsoft\PCHealth\ErrorReporting\ Value Name: DoReport Type: REG_DWORD Value: 0 Documentable Explanation: This setting may be enabled if the site has configured the option to send reports to a local error reporting server: Computer Configuration -> Administrative Templates -> Windows Components -> Windows Error Reporting -> Advanced Error Reporting Settings -> “Configure Corporate Windows Error Reporting”. Document the requirement with the IAO. |
Fix Text (F-34260r1_fix) |
---|
Configure the policy value for Computer Configuration -> Administrative Templates -> System -> Internet Communication Management -> Internet Communication settings-> “Turn off Windows Error Reporting” to “Enabled”. |