CCE-43070-2Platform: cpe:/o:microsoft:windows_10 | Date: (C)2016-09-23 (M)2023-07-04 |
Disable: 'Allow the use of biometrics'
If you enable (or do not configure) this policy setting, the Windows Biometric Service will be available, and users will be able to run applications that use biometrics on Windows. If you want to enable the ability to log on with biometrics, you must also configure the "Allow users to log on using biometrics" policy setting.
If you disable this policy setting, the Windows Biometric Service will not be available, and users will be unable to use any biometric features in Windows.
Note: Users who log on using biometrics should create a password-recovery disk; this will prevent data loss in the event that someone forgets their logon credentials.
Counter Measure:
Enable or disable this policy setting depending on whether or not your organization uses biometrics.
Potential Impact:
If you enable (or do not configure) this policy setting, the Windows Biometric Service will be available, and users will be able to run applications that use biometrics on Windows. If you want to enable the ability to log on with biometrics, you must also configure the "Allow users to log on using biometrics" policy setting.
If you disable this policy setting, the Windows Biometric Service will not be available, and users will be unable to use any biometric features in Windows."
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsBiometricsAllow the use of biometrics
(2) REG: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftBiometricsEnabled
CCSS Severity: | CCSS Metrics: |
CCSS Score : 6.4 | Attack Vector: PHYSICAL |
Exploit Score: 0.5 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35229 |