CCE-47794-3Platform: cpe:/o:microsoft:windows_server_2016 | Date: (C)2022-09-02 (M)2023-07-04 |
This policy setting allows you to manage whether Windows marks file attachments with information about their zone of origin (i.e. restricted, Internet, intranet, local). This requires NTFS in order to function correctly, and will fail without notice on FAT32. By not preserving the zone information Windows cannot make proper risk assessments.
If you enable this policy setting Windows does not mark file attachments with their zone information.
If you disable this policy setting Windows marks file attachments with their zone information.
If you do not configure this policy setting Windows marks file attachments with their zone information.
Fix:
(1) GPO: User ConfigurationAdministrative TemplatesWindows ComponentsAttachment Manager!Do not preserve zone information in file attachments
(2) REG: HKEY_USERSSoftwareMicrosoftWindowsCurrentVersionPoliciesAttachments!SaveZoneInformation
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: User Configuration\Administrative Templates\Windows Components\Attachment Manager!Do not preserve zone information in file attachments
(2) REG: HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments!SaveZoneInformation
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.3 | Attack Vector: LOCAL |
Exploit Score: 1.3 | Attack Complexity: LOW |
Impact Score: 5.9 | Privileges Required: LOW |
Severity: HIGH | User Interaction: REQUIRED |
Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:83728 |