3.030 - Anonymous access to the registry must be restricted - reg check

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The registry is integral to the function, security, and stability of the Windows system. Some processes may require anonymous access to the registry. This must be limited to properly protect the system.

Solution

Maintain permissions at least as restrictive as the defaults listed below for the 'winreg' registry key. It is recommended to not change the permissions from the defaults.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\

The following are the same for each permission listed:
Type - Allow
Inherited from - <not inherited>

Columns: Name - Permission - Apply to
Administrators - Full Control - This key and subkeys
Backup Operators - Special - This key only
(Special = Query Value, Enumerate Subkeys, Notify, Read Control (effectively = Read))
LOCAL SERVICE - Read - This key and subkeys

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_2008_R2_DC_V1R34_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6(10), CAT|I, CCI|CCI-002235, Rule-ID|SV-32260r3_rule, STIG-ID|3.030, Vuln-ID|V-1152

Plugin: Windows

Control ID: 5b32a6cd1b99b3cb85015a688bab92cc22a5f44e8faf5d4fa07c4812356856de