Title

The system must be configured to prevent the display of error messages to the user. (Cat II impact)

Discussion

Displaying error messages to users provides them the option of sending the reports. Error reports should be sent silently, unknown to the user. This setting controls whether users are shown an error dialog box that lets them report an error.

Check Content

If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting\ Value Name: DontShowUI Type: REG_DWORD Value: 1

Fix Text

Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Windows Error Reporting -> "Prevent display of the user interface for critical errors" to "Enabled".

Additional Identifiers

Rule ID: SV-71849r1_rule

Vulnerability ID: V-57455

Group Title: WINER-000006

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.