18.9.39.1.1 Ensure 'Turn off Windows Location Provider' is set to 'Enabled'

Information

This policy setting turns off the Windows Location Provider feature for the computer.

The recommended state for this setting is: Enabled.

Rationale:

This setting affects the Windows Location Provider feature (e.g. GPS or other location tracking). From a security perspective, it's not a good idea to reveal your location to software in most cases, but there are legitimate uses, such as mapping software. However, they should not be used in high security environments.

Solution

To establish the recommended configuration via GP, set the following UI path to Enabled:

Computer Configuration\Policies\Administrative Templates\Windows Components\Location and Sensors\Windows Location Provider\Turn off Windows Location Provider

Note: This Group Policy path may not exist by default. It is provided by the Group Policy template LocationProviderAdm.admx/adml that is included with the Microsoft Windows 8.0 & Server 2012 (non-R2) Administrative Templates (or newer).

Impact:

The Windows Location Provider feature is turned off, and all programs on the computer are prevented from using the Windows Location Provider feature.

Default Value:

Disabled. (Programs on the computer are permitted to use the Windows Location Provider feature.)

References:

CCE-38225-9

See Also

https://workbench.cisecurity.org/files/2742