UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Remote control of a Terminal Service session is allowed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-3341 3.066 SV-3341r1_rule ECSC-1 High
Description
This setting is used to control the rules for remote control of Terminal Services user sessions. This is a Category 1 finding because remote control of sessions could permit an unauthorized user to access sensitive information on the controlled system.
STIG Date
Windows XP Security Technical Implementation Guide 2013-10-01

Details

Check Text ( C-161r1_chk )
If the following registry value does not exist or is not configured as specified, this is a finding:

Registry Hive: HKEY_LOCAL_MACHINE
Subkey: \Software\Policies\Microsoft\Windows NT\Terminal Services\
Value Name: Shadow
Type: REG_DWORD
Value: 0

Fix Text (F-126r1_fix)
Configure the system to prevent remote control of the computer by setting the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Terminal Services, “Sets rules for remote control of Terminal Services user settings” to “Enabled” and the “Options” will be set to “No remote control allowed”.