PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

Accounts: User Account Control (UAC) must, at a minimum, prompt administrators for consent on the secure desktop

0b28a1d9-618b-45ce-8938-f73cc84fce81

UAC is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting configures the elevation requirements for logged-on administrators to complete a task that requires raised privileges.

Remediation

To fix this configure the policy value for
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ Security Options
|_ User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode to "Prompt for consent on the secure desktop".

STIG
Server:
2022: https://stigviewer.com/stigs/microsoft_windows_server_2022/2025-01-14/finding/V-254484
2019: https://stigviewer.com/stigs/microsoft_windows_server_2019/2025-01-15/finding/V-205717

Desktop:
W11: https://stigviewer.com/stigs/microsoft_windows_11/2024-09-12/finding/V-253469
W10: https://stigviewer.com/stigs/microsoft_windows_10/2024-11-25/finding/V-220945

NIST 800-53: AC-6(8)
CAT: II
CCI: CCI-001084
CSCv6: 5.1
CMMC v2.1 L3: SI.L3-3.14.3e
RuleID: SV-225066r569186_rule, SV-88381r1_rule, SV-103613r1_rule, SV-205719r958518_rule, SV-254487r958518_rule, SV-253473r958518_rule, SV-220949r569187_rule
MITRE Att&k: T1087, T1087.001, T1087.002, T1546.011, T1548, T1548.002



Tags

stig-medium-server compliance-server nist800-53-server cis-csc-server mitre-att-server stig-medium-desktop compliance-desktop nist800-53-desktop cis-csc-desktop mitre-att-desktop

Your Privacy Choices

Manage your cookie preferences below:

Helps us improve website performance and understand how visitors use our site.

Allows us to collect feedback about our products and improve them based on your input.

To learn more about our use of cookies, please see our
Privacy Policy.