An error occurred:

Check: 5.239

Windows 7 STIG: 5.239 (in versions v1 r32 through v1 r25)

Title

Disable heap termination on corruption in Windows Explorer. (Cat III impact)

Discussion

This check verifies that heap termination on corruption is disabled. This may prevent Windows Explorer from terminating immediately from certain legacy plug-in applications.

Check Content

If the following registry value doesn’t exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Subkey: \Software\Policies\Microsoft\Windows\Explorer\ Value Name: NoHeapTerminationOnCorruption Type: REG_DWORD Value: 0

Fix Text

Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Windows Explorer “Turn off heap termination on corruption” to “Disabled”.

Additional Identifiers

Rule ID: SV-25191r2_rule

Vulnerability ID: V-15718

Group Title: Windows Explorer – Heap Termination

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-002385

Protect against or limit the effects of organization-defined types of denial-of-service events.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
SC-5

Denial of Service Protection