CCE-99982-1| Platform: cpe:/o:microsoft:windows_server_2022:::x64 | Date: (C)2023-11-24 (M)2023-11-24 |
This policy setting controls whether winlogon sends Multiple Provider Router (MPR) notifications. MPR handles communication between the Windows operating system and the installed network providers. MPR checks the registry to determine which providers are installed on the system and the order they are cycled through.
The recommended state for this setting is: Disabled.
Fix:
(1) GPO: Computer Configuration\Policies\Administrative Templates\Windows Components\Windows Logon Options\Enable MPR notifications for the system
(2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System!EnableMPR
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer Configuration\\Policies\\Administrative Templates\\Windows Components\\Windows Logon Options\\Enable MPR notifications for the system
(2) REG: HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System!EnableMPR
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 10.0 | Attack Vector: NETWORK |
| Exploit Score: 3.9 | Attack Complexity: LOW |
| Impact Score: 6.0 | Privileges Required: NONE |
| Severity: CRITICAL | User Interaction: NONE |
| Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Scope: CHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:94749 |
