18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - MSACCESS.EXE

Information

This setting determines if recommended EMET mitigations are applied to the following software:

Adobe Acrobat

Adobe Acrobat Reader

Microsoft Office suite applications

Oracle Java

WordPad

The recommended state for this setting is: Enabled.

Rationale:

Applying EMET mitigations to recommended software will help reduce the reliability of exploits that target them.

Impact:

EMET mitigations will be applied to the listed recommended software that is installed on the computer.

Solution

To establish the recommended configuration via GP, set the following UI path to Enabled:

Computer Configuration\Policies\Administrative Templates\Windows Components\EMET\Default Protections for Recommended Software

Note: This Group Policy path does not exist by default. An additional Group Policy template (EMET.admx/adml) is required - it is included with Microsoft Enhanced Mitigation Experience Toolkit (EMET).

Default Value:

User configured.

See Also

https://workbench.cisecurity.org/benchmarks/14249

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SC-39, 800-53|SI-16, CCE|CCE-35479-5, CSCv7|8.3

Plugin: Windows

Control ID: e4d0a790cb57eacd400f5192cbb71a3e8edd56c15d3f850ef3d2b81f0639d501