Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-36708 | WN12-CC-000095 | SV-51748r2_rule | Medium |
Description |
---|
The location service on systems may allow sensitive data to be used by applications on the system. This should be turned off unless explicitly allowed for approved systems/applications. |
STIG | Date |
---|---|
Windows Server 2012/2012 R2 Domain Controller Security Technical Implementation Guide | 2019-10-03 |
Check Text ( C-46877r2_chk ) |
---|
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \Software\Policies\Microsoft\Windows\LocationAndSensors\ Value Name: DisableLocation Type: REG_DWORD Value: 1 (Enabled) If location services are approved for the system by the organization, this may be set to "Disabled" (0). This must be documented with the ISSO. |
Fix Text (F-44823r2_fix) |
---|
Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Location and Sensors -> "Turn off location" to "Enabled". If location services are approved by the organization for a device, this must be documented. |