[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-42362-4

Platform: cpe:/o:microsoft:windows_10Date: (C)2016-09-23   (M)2023-07-04



Disable: 'Devices: Prevent users from installing printer drivers' for AddPrinterDrivers It is feasible for a attacker to disguise a Trojan horse program as a printer driver. The program may appear to users as if they must use it to print, but such a program could unleash malicious code on your computer network. To reduce the possibility of such an event, only administrators should be allowed to install printer drivers. However, because laptops are mobile devices, laptop users may occasionally need to install a printer driver from a remote source to continue their work. Therefore, this policy setting should be disabled for laptop users, but always enabled for desktop users. Counter Measure: Enable the Devices: Prevent users from installing printer drivers setting. Potential Impact: Only users with Administrative, Power User, or Server Operator privileges will be able to install printers on the servers. If this policy setting is enabled but the driver for a network printer already exists on the local computer, users can still add the network printer.


Parameter:

[enable/disable]


Technical Mechanism:

(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity OptionsDevices: Prevent users from installing printer drivers (2) REG: HKEY_LOCAL_MACHINESystemCurrentControlSetControlPrintProvidersLanMan Print ServicesServersAddPrinterDrivers

CCSS Severity:CCSS Metrics:
CCSS Score : 7.8Attack Vector: LOCAL
Exploit Score: 1.8Attack Complexity: LOW
Impact Score: 5.9Privileges Required: LOW
Severity: HIGHUser Interaction: NONE
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:35092


OVAL    1
oval:org.secpod.oval:def:35092
XCCDF    4
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
xccdf_org.secpod_benchmark_SecPod_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10
...

© SecPod Technologies