[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-97139-0

Platform: cpe:/o:microsoft:windows_11Date: (C)2022-05-24   (M)2023-07-04



By configuring this policy setting you can adjust what diagnostic data is collected from Windows. This policy setting also restricts the user from increasing the amount of diagnostic data collection via the Settings app. The diagnostic data collected under this policy impacts the operating system and apps that are considered part of Windows and does not apply to any additional apps installed by your organization. - Diagnostic data off (not recommended). Using this value, no diagnostic data is sent from the device. This value is only supported on Enterprise, Education, and Server editions. - Send required diagnostic data. This is the minimum diagnostic data necessary to keep Windows secure, up to date, and performing as expected. Using this value disables the "Optional diagnostic data" control in the Settings app. - Send optional diagnostic data. Additional diagnostic data is collected that helps us to detect, diagnose and fix issues, as well as make product improvements. Required diagnostic data will always be included when you choose to send optional diagnostic data. Optional diagnostic data can also include diagnostic log files and crash dumps. Use the "Limit Dump Collection" and the "Limit Diagnostic Log Collection" policies for more granular control of what optional diagnostic data is sent. If you disable or do not configure this policy setting, the device will send required diagnostic data and the end user can choose whether to send optional diagnostic data from the Settings app. Note: The "Configure diagnostic data opt-in settings user interface" group policy can be used to prevent end users from changing their data collection settings. Fix: (1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsData Collection and Preview BuildsAllow Diagnostic Data (2) REG: HKEY_LOCAL_MACHINE or HKEY_CURRENT_USERSoftwarePoliciesMicrosoftWindowsDataCollection!AllowTelemetry


Parameter:

[Security/Required/Enhanced/Optional]


Technical Mechanism:

(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Data Collection and Preview Builds\Allow Diagnostic Data (2) REG: HKEY_LOCAL_MACHINE or HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\DataCollection!AllowTelemetry

CCSS Severity:CCSS Metrics:
CCSS Score : 5.9Attack Vector: NETWORK
Exploit Score: 2.2Attack Complexity: HIGH
Impact Score: 3.6Privileges Required: NONE
Severity: MEDIUMUser Interaction: NONE
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: NONE
 Availability: NONE
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:80175


OVAL    1
oval:org.secpod.oval:def:80175
XCCDF    3
xccdf_org.secpod_benchmark_general_Windows_11
xccdf_org.secpod_benchmark_NIST_800_53_r5_Windows_11
xccdf_org.secpod_benchmark_NIST_800_171_R2_Windows_11

© SecPod Technologies