Navigate

Check: WN11-CC-000390

Microsoft Windows 11 STIG: WN11-CC-000390 (in versions v1 r6 through v1 r1)

Title

Windows 11 must be configured to prevent users from receiving suggestions for third-party or additional applications. (Cat III impact)

Discussion

Windows spotlight features may suggest apps and content from third-party software publishers in addition to Microsoft apps and content.

Check Content

If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_CURRENT_USER Registry Path: \SOFTWARE\Policies\Microsoft\Windows\CloudContent\ Value Name: DisableThirdPartySuggestions Type: REG_DWORD Value: 0x00000001 (1)

Fix Text

Configure the policy value for User Configuration >> Administrative Templates. >> Windows Components >> Cloud Content >> "Do not suggest third-party content in Windows spotlight" to "Enabled".

Additional Identifiers

Rule ID: SV-253425r829359_rule

Vulnerability ID: V-253425

Group Title: SRG-OS-000095-GPOS-00049

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000381	The organization configures the information system to provide only essential capabilities.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-7	Least Functionality