Microsoft Windows 10 STIG Version Comparison

There are 9 differences between versions v2 r7 (June 7, 2023) (the "left" version) and v2 r9 (May 15, 2024) (the "right" version).

Check WN10-00-000395 was added to the benchmark in the "right" version.

This check's original form is available here.

Title

Windows 10 must not have portproxy enabled or in use.

Check Content

Check the registry key for existence of proxied ports: HKLM\SYSTEM\CurrentControlSet\Services\PortProxy\. If the key contains v4tov4\tcp\ or is populated v4tov4\tcp\, this is a finding. Run "netsh interface portproxy show all". If the command displays any results, this is a finding.

Discussion

Having portproxy enabled or configured in Windows 10 could allow a man-in-the-middle attack.

Fix

Contact the Administrator to run "netsh interface portproxy delete" with elevation. Remove any enabled portproxies that may be configured.