Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-6826 | 5.108 | SV-29543r1_rule | ECSC-1 | Medium |
Description |
---|
A registry key for a valid DCOM object has access permissions that could allow non-administrator users to change the security settings if inadvertently set to a low level of security. An attacker could possibly execute code under the context of the console or some other user. |
STIG | Date |
---|---|
Windows Vista Security Technical Implementation Guide | 2015-01-05 |
Check Text ( None ) |
---|
None |
Fix Text (F-6513r1_fix) |
---|
Fortify DCOMs AppId permissions. Any changes should be thoroughly tested so objects continue to function under tightened security. - Open the Registry Editor. - Navigate to HKEY_LOCAL_MACHINE\Software\Classes\Appid. - Select the application that generated this vulnerability. - Set the permissions for standard (non-privileged) user accounts or groups to Read only. |