MSS: (AutoReboot) Allow Windows to automatically restart after a system crash (recommended except for highly secure environments)ID: oval:org.secpod.oval:def:14575 | Date: (C)2013-08-13 (M)2023-07-04 |
Class: COMPLIANCE | Family: windows |
This entry appears as MSS: (AutoReboot) Allow Windows to automatically restart after a system crash (recommended except for highly secure environments) in the SCE. This entry, when enabled, permits a server to automatically reboot after a fatal crash. It is enabled by default, which is undesirable on highly secure servers. You can add this registry value to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\CrashControl\ subkey. It determines whether the computer restarts automatically after it fails.
Vulnerability:
There is some concern that a computer could get stuck in an endless loop of failures and restarts. However, the alternative to this entry may not be much more appealing-the computer stops running.
Countermeasure:
Configure the AutoReboot entry to a value of 0 (disabled).
Potential impact:
When this setting is enabled, the computer does not restart automatically after a failure.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\MSS: (AutoReboot) Allow Windows to automatically restart after a system crash (recommended except for highly secure environments)
(2) REG: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl!AutoReboot
Platform: |
Microsoft Windows 7 |