2.006 - ACLS FOR SYSTEM FILES AND DIRECTORIES DO NOT CONFORM TO MINIMUM REQUIREMENTS. - 'C:\Program Files'

Information

Failure to properly configure file and directory permissions (ACLs) allows the possibility of unauthorized and anonymous modification to the operating system and installed applications.

Solution

Maintain the default file ACLs, configure the Security Option- 'Network access- Let everyone permissions apply to anonymous users' to 'Disabled' (V-3377) and restrict the Power Users group to include no members.

See Also

http://iasecontent.disa.mil/stigs/zip/Oct2016/U_Windows_Vista_V6R41_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3(4), CAT|II, CCI|CCI-002165, Rule-ID|SV-16968r1_rule, STIG-ID|2.006, Vuln-ID|V-1130

Plugin: Windows

Control ID: c3e2e329437de5e3f33d04b3d128c4dd99b7e04095d6d49f280970fd4e1a5e79