Check: WN10-00-000175
Microsoft Windows 10 STIG:
(in versions v3 r3 through v1 r18)
The Secondary Logon service must be disabled on Windows 10. (Cat II impact)
The Secondary Logon service provides a means for entering alternate credentials, typically used to run commands with elevated privileges. Using privileged credentials in a standard user session can expose those credentials to theft.
Check Content
Run "Services.msc". Locate the "Secondary Logon" service. If the "Startup Type" is not "Disabled" or the "Status" is "Running", this is a finding.
Fix Text
Configure the "Secondary Logon" service "Startup Type" to "Disabled".
Additional Identifiers
Rule ID: SV-220732r958478_rule
Vulnerability ID: V-220732
Group Title: SRG-OS-000095-GPOS-00049
Expert Comments
Expert comments are only available to logged-in users.
CCIs tied to check.
Number | Definition |
CCI-000381 |
Configure the system to provide only organization-defined mission essential capabilities. |
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
CM-7 |
Least Functionality |