Check: WN12-UC-000012
Microsoft Windows Server 2012/2012 R2 Domain Controller STIG:
WN12-UC-000012
(in versions v3 r7 through v2 r7)
Title
Users must be prevented from sharing files in their profiles. (Cat II impact)
Discussion
Allowing users to share files in their profiles may provide unauthorized access or result in the exposure of sensitive data.
Check Content
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_CURRENT_USER Registry Path: \Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ Value Name: NoInPlaceSharing Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for User Configuration -> Administrative Templates -> Windows Components -> Network Sharing -> "Prevent users from sharing files within their profile" to "Enabled".
Additional Identifiers
Rule ID: SV-226368r794688_rule
Vulnerability ID: V-226368
Group Title: SRG-OS-000480-GPOS-00228
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |