Detections
Analytics
WN25-SO-000430 - Windows Server 2025 User Account Control (UAC) must only elevate UIAccess applications that are installed in secure locations.
Information
UAC is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting configures Windows to only allow applications installed in a secure location on the file system, such as the Program Files or the Windows\System32 folders, to run with elevated privileges.Solution
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> User Account Control: Only elevate UIAccess applications that are installed in secure locations to 'Enabled'.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Server_2025_V1R1_STIG.zip
Item Details
Audit Name: DISA Microsoft Windows Server 2025 STIG v1r1
Category: SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|SC-3, CAT|II, CCI|CCI-001084, Rule-ID|SV-278237r1182201_rule, STIG-ID|WN25-SO-000430, Vuln-ID|V-278237
Plugin: Windows
Control ID: 1894d757bce6543eda79ce5a74a004c74b3292d9a8fe2a09a759b5ac994929f8