Anonymous access to the registry must be restricted.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-1152 | WN12-RG-000004 | SV-52864r1_rule | ECCD-1 ECCD-2 | High |
| Description |
|---|
| The registry is integral to the function, security, and stability of the Windows system. Some processes may require anonymous access to the registry. This must be limited to properly protect the system. |
| STIG | Date |
|---|---|
| Windows Server 2012 Member Server Security Technical Implementation Guide | 2014-01-07 |
Details
| Check Text ( C-47181r2_chk ) |
|---|
| Using the Registry Editor, navigate to the following key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\ If the key does not exist, this is a finding. If the permissions are not at least as restrictive as the defaults listed below, this is a finding. Administrators - Full Backup Operators - Read(QENR) Local Service - Read |
| Fix Text (F-45790r2_fix) |
|---|
| Ensure the system is configured to prevent anonymous users from gaining access to the registry. Maintain the default permissions of the following registry key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\ Administrators - Full Backup Operators - Read(QENR) Local Service - Read |