Detections
Analytics
WN25-SO-000410 - Windows Server 2025 User Account Control (UAC) must automatically deny standard user requests for elevation.
Information
UAC is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting controls the behavior of elevation when requested by a standard user account.Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157
Solution
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> User Account Control: Behavior of the elevation prompt for standard users to 'Automatically deny elevation requests'.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Server_2025_V1R1_STIG.zip
Item Details
Audit Name: DISA Microsoft Windows Server 2025 STIG v1r1
Category: SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|SC-11, CAT|II, CCI|CCI-004895, Rule-ID|SV-278235r1182197_rule, STIG-ID|WN25-SO-000410, Vuln-ID|V-278235
Plugin: Windows
Control ID: b0ae5e6c97a80049c2f320683948fdb0084e69f83617c90bcc409cb0f6cd0758