Navigate

Check: 5.132

windows 7 iavm: 5.132 (in version v1 r32)

Title

Require username and password to elevate a running application. (Cat II impact)

Discussion

This check verifies that the system is configured to always require users to type in a user name and password to elevate a running application.

Check Content

If the following registry value doesn’t exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Subkey: \Software\Microsoft\Windows\CurrentVersion\Policies\CredUI Value Name: EnumerateAdministrators Type: REG_DWORD Value: 0

Fix Text

Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Credential User Interface “Enumerate administrator accounts on elevation” to “Disabled”.

Additional Identifiers

Rule ID:

Vulnerability ID: V-14243

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001084	Isolate security functions from nonsecurity functions.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
SC-3	Security Function Isolation