V-220949 | User Account Control must only elevate UIA...

Microsoft Windows 10

User Account Control must only elevate UIAccess applications that are installed in secure locations

STIG ID: WN10-SO-000265 | SRG: SRG-OS-000134-GPOS-00068 | Severity: Medium | CCI: CCI-001084 | Vulnerability ID: V-220949

Description

User Account Control (UAC) is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting configures Windows to only allow applications installed in a secure location on the file system, such as the Program Files or the Windows\System32 folders, to run with elevated privileges.

Check

C-22664r555332_chk

If the following registry value does not exist or is not configured as specified, this is a finding:Registry Hive: HKEY_LOCAL_MACHINERegistry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Value Name: EnableSecureUIAPathsValue Type: REG_DWORDValue: 1

Fix

F-22653r555333_fix

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "User Account Control: Only elevate UIAccess applications that are installed in secure locations" to "Enabled".