Configure Security Policy for Scripted DiagnosticsID: oval:org.secpod.oval:def:28126 | Date: (C)2015-10-08 (M)2023-07-04 |
Class: COMPLIANCE | Family: windows |
Determines whether scripted diagnostics will execute diagnostic packages that are signed by untrusted publishers.
If you enable this policy setting, the scripted diagnostics execution engine will validate the signer of any diagnostic package and only run those signed by trusted publishers.
If you disable this policy setting, the scripted diagnostics execution engine will run all digitally signed packages.
Fix:
(1) GPO: Computer Configuration\Administrative Templates\System\Troubleshooting and Diagnostics\Scripted Diagnostics!Configure Security Policy for Scripted Diagnostics
(2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnostics!ValidateTrust
Platform: |
Microsoft Windows Server 2012 R2 |