18.9.31.3 (L1) Ensure 'Turn off heap termination on corruption' is set to 'Disabled'

Information

Without heap termination on corruption, legacy plug-in applications may continue to function when a File Explorer session has become corrupt. Ensuring that heap termination on corruption is active will prevent this.

The recommended state for this setting is: Disabled

Allowing an application to keep running after its session has become corrupt increases the risk to the system.

Solution

To establish the recommended configuration via GP, set the following UI path to Disabled:

Computer Configuration\Policies\Administrative Templates\Windows Components\File Explorer\Turn off heap termination on corruption

Note: This Group Policy path is provided by the Group Policy template Explorer.admx/adml that is included with all versions of the Microsoft Windows Administrative Templates.

Impact:

None - this is the default behavior.
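To confirm the result on a host, the added example below (not part of the benchmark text) reads the policy value and separates an explicit Disabled from a setting that was never configured. The registry key and value name are assumptions not stated on this page: they are the location the Explorer.admx policy writes to. The function name `Get-HeapTerminationPolicyState` is hypothetical.

```powershell
# Added example: report the state of 'Turn off heap termination on corruption'.
# Assumption (not on the page): the policy is stored as a REG_DWORD named
# NoHeapTerminationOnCorruption under the machine-wide Explorer policy key.
function Get-HeapTerminationPolicyState {
    [CmdletBinding()]
    param(
        [string]$KeyPath   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Explorer',
        [string]$ValueName = 'NoHeapTerminationOnCorruption'
    )

    # No policy value present means Group Policy never set it and the
    # Windows default applies (the page's Impact note: Disabled is the default).
    $state = 'NotConfigured'
    $raw   = $null

    $key = Get-Item -LiteralPath $KeyPath -ErrorAction SilentlyContinue
    if ($key -and ($key.GetValueNames() -contains $ValueName)) {
        $raw   = $key.GetValue($ValueName)
        $state = switch ($raw) {
            0       { 'Disabled' }     # recommended state
            1       { 'Enabled' }      # heap termination turned off
            default { 'Unexpected' }   # value exists but is neither 0 nor 1
        }
    }

    [pscustomobject]@{
        Setting               = 'Turn off heap termination on corruption'
        State                 = $state
        RawValue              = $raw
        # Strict reading: only an explicit Disabled counts as meeting the item.
        MeetsRecommendation   = ($state -eq 'Disabled')
        # Behavioural reading: explicit Disabled and the default both leave
        # heap termination on corruption active.
        HeapTerminationActive = ($state -in 'Disabled', 'NotConfigured')
    }
}

Get-HeapTerminationPolicyState | Format-List
```

A `NotConfigured` result leaves the default behavior in place but gives no policy enforcement, so a local change would not be reverted at the next Group Policy refresh.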

See Also

https://workbench.cisecurity.org/benchmarks/14291

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SC-39, 800-53|SI-16, CSCv7|8.3

Plugin: Windows

Control ID: 017b7150022a3077234e90c9eaf04daaf5d5a984d3a9c137ea490b06b757c975