An error occurred:

Check: 3.030

Windows Vista STIG: 3.030 (in versions v6 r42 through v6 r41)

Title

Anonymous access to the registry must be restricted. (Cat I impact)

Discussion

The registry is integral to the function, security, and stability of the Windows system. Some processes may require anonymous access to the registry. This must be limited to properly protect the system.

Check Content

Run "Regedit". Navigate to the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\Winreg\ If the key does not exist, this is a finding. Review the permissions. If the default permissions listed below have been changed, this is a finding. Administrators - Full Control Backup Operators - Special (Special = Query Value, Enumerate Subkeys, Notify, Read Control (effectively = Read) - This key only) LOCAL SERVICE - Read

Fix Text

Maintain the default permissions of the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\Winreg\ Administrators - Full Backup Operators - Special (Special = Query Value, Enumerate Subkeys, Notify, Read Control (effectively = Read) - This key only) LOCAL SERVICE - Read

Additional Identifiers

Rule ID: SV-29594r2_rule

Vulnerability ID: V-1152

Group Title: Anonymous Access to the Registry

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-002235

The information system prevents non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-6 (10)

Prohibit Non-Privileged Users From Executing Privileged Functions