CCE-25904-4Platform: cpe:/o:microsoft:windows_server_2012:- | Date: (C)2022-08-12 (M)2023-07-04 |
This policy setting specifies that Automatic Updates will wait for computers to be restarted by the users who are logged on to them to complete a scheduled installation.
If you enable the No auto-restart for scheduled Automatic Updates installations setting, Automatic Updates does not restart computers automatically during scheduled installations. Instead, Automatic Updates notifies users to restart their computers to complete the installations. You should note that Automatic Updates will not be able to detect future updates until restarts occur on the affected computers. If you disable or do not configure this setting, Automatic Updates will notify users that their computers will automatically restart in 5 minutes to complete the installations.
The possible values for the No auto-restart for scheduled Automatic Updates installations setting are:
- Enabled
- Disabled
- Not Configured
Note: This setting applies only when you configure Automatic Updates to perform scheduled update installations. If you configure the Configure Automatic Updates setting to Disabled, this setting has no effect.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Update!Setting controls the auto-restart functionality of the operating system
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!NoAutoRebootWithLoggedOnUsers
CCSS Severity: | CCSS Metrics: |
CCSS Score : 3.7 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 1.4 | Privileges Required: NONE |
Severity: LOW | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L | Scope: UNCHANGED |
| Confidentiality: NONE |
| Integrity: NONE |
| Availability: LOW |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:82810 |