User Account Control: Virtualize file and registry write failures to per-user locationsID: oval:org.secpod.oval:def:56156 | Date: (C)2019-07-05 (M)2023-07-04 |
Class: COMPLIANCE | Family: windows |
This policy setting controls whether application write failures are redirected to defined registry and file system locations. This policy setting mitigates applications that run as administrator and write run-time application data to %ProgramFiles%, %Windir%, %Windir%\system32, or HKLM\Software.
The options are:
- Enabled: (Default) Application write failures are redirected at run time to defined user locations for both the file system and registry.
- Disabled: Applications that write data to protected locations fail.
This policy setting controls whether application write failures are redirected to defined registry and file system locations.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options!User Account Control: Virtualize file and registry write failures to per-user locations
(2) REG: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System!EnableVirtualization
Platform: |
Microsoft Windows Server 2019 |