Navigate

Check: 2.022

Windows Vista STIG: 2.022 (in versions v6 r42 through v6 r41)

Title

Disallow AutoPlay/Autorun from Autorun.inf (Cat I impact)

Discussion

This registry key will prevent the autorun.inf from executing commands.

Check Content

In the Registry Editor, navigate to the following registry key: Registry Hive: HKEY_LOCAL_MACHINE Subkey: SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf Value Name: (Default) Type: REG_Sz Value: @SYS:DoesNotExist If the above listed registry value does not exist, then this is a finding.

Fix Text

Add the registry value as specified in the manual check.

Additional Identifiers

Rule ID: SV-29584r1_rule

Vulnerability ID: V-17900

Group Title: Disallow AutoPlay/Autorun from Autorun.inf

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001764	The information system prevents program execution in accordance with organization-defined policies regarding software program usage and restrictions, and/or rules authorizing the terms and conditions of software program usage.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-7 (2)	Prevent Program Execution