Check: 3.141
Windows Vista STIG: 3.141 (in versions v6 r42 through v6 r41)
Title
User Account Control – Executable Elevation (Cat III impact)
Discussion
This check verifies that elevation of applications in UAC is not restricted to signed and validated applications, per the FDCC.
Check Content
Analyze the system using the Security Configuration and Analysis snap-in. Expand the Security Configuration and Analysis tree view. Navigate to Local Policies -> Security Options. If the value for “User Account Control: Only elevate executables that are signed and validated” is not set to “Disabled”, then this is a finding.
Fix Text
Configure the setting for “User Account Control: Only elevate executables that are signed and validated” to “Disabled”.
Additional Identifiers
Rule ID: SV-18428r2_rule
Vulnerability ID: V-17374
Group Title: UAC – Executable Elevation
CCIs
Number | Definition |
---|---|
CCI-001084 | The information system isolates security functions from nonsecurity functions. |
Controls
Number | Title |
---|---|
SC-3 | Security Function Isolation |