UCF STIG Viewer Logo

The Windows Explorer Preview pane must be disabled for Windows 2012.


Overview

Finding ID Version Rule ID IA Controls Severity
V-102619 WN12-CC-000142 SV-111569r1_rule Medium
Description
A known vulnerability in Windows could allow the execution of malicious code by either opening a compromised document or viewing it in the Windows Preview pane. Organizations must disable the Windows Preview pane and Windows Detail pane.
STIG Date
Windows Server 2012/2012 R2 Member Server Security Technical Implementation Guide 2020-06-16

Details

Check Text ( C-101357r5_chk )
If the following registry values do not exist or are not configured as specified, this is a finding:

Registry Hive: HKEY_CURRENT_USER
Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer

Value Name: NoPreviewPane

Value Type: REG_DWORD

Value: 1

Registry Hive: HKEY_CURRENT_USER
Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer

Value Name: NoReadingPane

Value Type: REG_DWORD

Value: 1
Fix Text (F-108151r3_fix)
Ensure the following settings are configured for Windows 2012 locally or applied through group policy.

Configure the policy value for User Configuration >> Administrative Templates >> Windows Components >> File Explorer >> Explorer Frame Pane "Turn off Preview Pane" to "Enabled".

Configure the policy value for User Configuration >> Administrative Templates >> Windows Components >> File Explorer >> Explorer Frame Pane "Turn on or off details pane" to "Enabled" and "Configure details pane" to "Always hide".