UCF STIG Viewer Logo

Trusted app installation must be enabled to allow for signed enterprise line of business apps.


Overview

Finding ID Version Rule ID IA Controls Severity
V-36697 WN12-CC-000070 SV-51738r1_rule ECSC-1 Low
Description
Enabling trusted app installation allows for enterprise line of business Windows 8 type apps. A trusted app package is one that is signed with a certificate chain that can be successfully validated in the enterprise. Configuring this ensures enterprise line of business apps are accessible.
STIG Date
Windows Server 2012 / 2012 R2 Domain Controller Security Technical Implementation Guide 2016-12-19

Details

Check Text ( C-46867r1_chk )
If the following registry value does not exist or is not configured as specified, this is a finding:

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \Software\Policies\Microsoft\Windows\Appx\

Value Name: AllowAllTrustedApps

Type: REG_DWORD
Value: 1
Fix Text (F-44813r1_fix)
Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> App Package Deployment -> "Allow all trusted apps to install" to "Enabled".