An error occurred:

Check: 3.087

Win2k3 Audit: 3.087 (in version v6 r1.29)

Title

The system is configured to allow installation of printers using kernel-mode drivers. (Cat II impact)

Discussion

Kernel-mode drivers are drivers that operate in kernel mode. Kernel mode allows virtually unlimited access to hardware and memory. A poorly written kernel driver may cause system instability and data corruption. Malicious code inserted in a kernel-mode driver has almost no limit on what it may do. Most modern printers do not require kernel-mode drivers.

Check Content

Fix Text

Configure the system to prevent it from allowing the installation of kernel-mode drivers by setting the policy value for Computer Configuration -> Administrative Templates -> Printers “Disallow Installation of Printers Using Kernel-mode Drivers” to “Enabled”.

Additional Identifiers

Rule ID: SV-29715r1_rule

Vulnerability ID: V-3478

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
No CCIs are assigned to this check

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check