Access Credential Manager as a trusted callerID: oval:org.secpod.oval:def:14748 | Date: (C)2013-08-13 (M)2023-07-04 |
Class: COMPLIANCE | Family: windows |
This setting is used by Credential Manager during Backup/Restore. No accounts should have this privilege, as it is only assigned to Winlogon. Users saved credentials might be compromised if this privilege is given to other entities.
Saved credentials of users may be compromised if this privilege is given to other entities.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Access Credential Manager as a trusted caller
(2) REG: INFO NOT AVAILABLE
Platform: |
Microsoft Windows 7 |