DISA Microsoft Windows 11 STIG v2r3

This audit file has been deprecated and will be removed in a future update.

Name: DISA Microsoft Windows 11 STIG v2r3

Updated: 9/25/2025

Authority: DISA STIG

Plugin: Windows

Revision: 1.2

Estimated Item Count: 259

Filename: DISA_STIG_Microsoft_Windows_11_v2r3.audit

Size: 448 kB

MD5: 907625a71cc41e8c3ee0b47f6a7d08a2

SHA256: b4b5b141011a898a667df4eee1e2af683b86abb68701469e9554b06676390b1d


Revision 1.2 Sep 25, 2025 Miscellaneous Audit deprecated. Metadata updated. References updated.
Revision 1.1 Jun 23, 2025 Functional Update DISA_Microsoft_Windows_11_STIG_v2r3.audit from DISA Microsoft Windows 11 STIG v2r3 WN11-00-000025 - Windows 11 must employ automated mechanisms to determine the state of system components with regard to flaw remediation using the following frequency: Continuously, where ESS is used; 30 days, for any additional internal network scans not covered by ESS; and annually, for external scans by Computer Network Defense Service Provider (CNDSP). WN11-00-000055 - Alternate operating systems must not be permitted on the same system. WN11-00-000060 - Non-system-created file shares on a system must limit access to groups that require it. WN11-00-000130 - Software certificate installation files must be removed from Windows 11. WN11-00-000190 - Orphaned security identifiers (SIDs) must be removed from user rights on Windows 11. WN11-00-000240 - Administrative accounts must not be used with applications that access the internet, such as web browsers, or with potential internet sources, such as email. WN11-00-000250 - Windows 11 nonpersistent VM sessions must not exceed 24 hours. Miscellaneous Platform check updated.

DISA Microsoft Windows 11 STIG v2r3 Download File