Shutdown: Clear virtual memory pagefile

Information

Shutdown: Clear virtual memory pagefile

This security setting determines whether the virtual memory pagefile is cleared when the system is shut down.

Virtual memory support uses a system pagefile to swap pages of memory to disk when they are not used. On a running system, this pagefile is opened exclusively by the operating system, and it is well protected. However, systems that are configured to allow booting to other operating systems might have to make sure that the system pagefile is wiped clean when this system shuts down. This ensures that sensitive information from process memory that might go into the pagefile is not available to an unauthorized user who manages to directly access the pagefile.

When this policy is enabled, it causes the system pagefile to be cleared upon clean shutdown. If you enable this security option, the hibernation file (hiberfil.sys) is also zeroed out when hibernation is disabled.

Default: Disabled.

Solution

Policy Path: Local Policies\Security Options
Policy Name: Shutdown: Clear virtual memory pagefile

See Also

https://www.microsoft.com/en-us/download/details.aspx?id=55319

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CSCv6|3.1

Plugin: Windows

Control ID: d7b6bd5a34f092806b42c5cad7ac19b670a36e1a380ea531e293c42c225a65e7