WN10-00-000080 - Only authorized user accounts must be allowed to create or run virtual machines on Windows 10 systems.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Allowing other operating systems to run on a secure system may allow users to circumvent security. For Hyper-V, preventing unauthorized users from being assigned to the Hyper-V Administrators group will prevent them from accessing or creating virtual machines on the system. The Hyper-V Hypervisor is used by Virtualization Based Security features such as Credential Guard on Windows 10; however, it is not the full Hyper-V installation.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.


For Hyper-V, remove any unauthorized groups or user accounts from the 'Hyper-V Administrators' group.

For hosted hypervisors other than Hyper-V, restrict access to create or run virtual machines to authorized user accounts only.

See Also


Item Details

References: CAT|II, CCI|CCI-000381, Rule-ID|SV-220714r569187_rule, STIG-ID|WN10-00-000080, STIG-Legacy|SV-77855, STIG-Legacy|V-63365, Vuln-ID|V-220714

Plugin: Windows

Control ID: 7e33fa408c865bb3426dd50cba3026c70fd1b978ba3093fd6ad3e03fa759283f