Detections
Analytics

1.248 WN22-SO-000410

Information

Windows Server 2022 User Account Control (UAC) must automatically deny standard user requests for elevation.

GROUP ID: V-254485
RULE ID: SV-254485r1051109

UAC is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting controls the behavior of elevation when requested by a standard user account.

Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157

Solution

Configure the policy value for

Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> User Account Control: Behavior of the elevation prompt for standard users to 'Automatically deny elevation requests'

See Also

https://workbench.cisecurity.org/benchmarks/22357

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-11, CAT|II, CCI|CCI-002038, Rule-ID|SV-254485r1051109_rule, STIG-ID|WN22-SO-000410, Vuln-ID|V-254485

Plugin: Windows

Control ID: 567e53ef180d172f39ed46c20d962244b2435e5b5d40595fc5a9b0b4b8987b2a