WN16-00-000480 - Windows 2016 systems must have Unified Extensible Firmware Interface (UEFI) firmware and be configured to run in UEFI mode, not Legacy BIOS.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

UEFI provides additional security features in comparison to legacy BIOS firmware, including Secure Boot. UEFI is required to support additional security features in Windows Server 2016, including Virtualization Based Security and Credential Guard. Systems with UEFI that are operating in 'Legacy BIOS' mode will not support these security features.

Solution

Configure UEFI firmware to run in 'UEFI' mode, not 'Legacy BIOS' mode.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Server_2016_V2R8_STIG.zip

Item Details

References: CAT|III, CCI|CCI-000366, Rule-ID|SV-224865r569186_rule, STIG-ID|WN16-00-000480, STIG-Legacy|SV-101007, STIG-Legacy|V-90357, Vuln-ID|V-224865

Plugin: Windows

Control ID: 7b218d3c9cbd95a1e10c2085e65ea5567ad7674cb124464e86038998b34ef14d