Check: WN12-CC-000048
Microsoft Windows Server 2012/2012 R2 Member Server STIG:
WN12-CC-000048
(in versions v3 r7 through v2 r7)
Title
Copying of user input methods to the system account for sign-in must be prevented. (Cat II impact)
Discussion
Allowing different input methods for sign-in could open different avenues of attack. User input methods must be restricted to those enabled for the system account at sign-in.
Check Content
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \Software\Policies\Microsoft\Control Panel\International\ Value Name: BlockUserInputMethodsForSignIn Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration -> Administrative Templates -> System -> Locale Services -> "Disallow copying of user input methods to the system account for sign-in" to "Enabled".
Additional Identifiers
Rule ID: SV-225348r569185_rule
Vulnerability ID: V-225348
Group Title: SRG-OS-000095-GPOS-00049
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
Controls
Number | Title |
---|---|
CM-7 |
Least Functionality |