User Account Control – Executable Elevation
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-17374 | 3.141 | SV-18428r2_rule | ECSC-1 | Low |
| Description |
|---|
| This check verifies that elevation of application in UAC is not restricted to signed and validated applications per the FDCC. |
| STIG | Date |
|---|---|
| Windows Vista Security Technical Implementation Guide | 2017-01-30 |
Details
| Check Text ( C-18083r1_chk ) |
|---|
| Analyze the system using the Security Configuration and Analysis snap-in. Expand the Security Configuration and Analysis tree view. Navigate to Local Policies -> Security Options. If the value for “User Account Control: Only elevate executables that are signed and validated” is not set to “Disabled”, then this is a finding. |
| Fix Text (F-17280r1_fix) |
|---|
| Configure the setting for “User Account Control: Only elevate executables that are signed and validated” to “Disabled”. |