Navigate

Check: 5.285

windows 7 iavm: 5.285 (in version v1 r32)

Title

Explorer Data Execution Prevention is disabled. (Cat II impact)

Discussion

This setting will prevent Data Execution Prevention from being turned off for Windows Explorer.

Check Content

If the following registry value doesn’t exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Subkey: \Software\Policies\Microsoft\Windows\Explorer\ Value Name: NoDataExecutionPrevention Type: REG_DWORD Value: 0

Fix Text

Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Windows Explorer -> “Turn off Data Execution Prevention for Explorer” to “Disabled”.

Additional Identifiers

Rule ID:

Vulnerability ID: V-21980

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-002824	Implement organization-defined controls to protect the system memory from unauthorized code execution.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
SI-16	Memory Protection