PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

General: Early Launch Antimalware, Boot-Start Driver Initialization Policy must prevent boot drivers identified as bad

a9b5b413-0fc5-49c2-ab77-6761b329950c

Compromised boot drivers can introduce malware prior to protection mechanisms that load after initialization. The Early Launch Antimalware driver can limit allowed drivers based on classifications determined by the malware protection application. At a minimum, drivers determined to be bad must not be allowed.

Remediation

To fix this configure the policy value for:
Computer Configuration
|_ Administrative Templates
|_ System
|_ Early Launch Antimalware
|_ "Boot-Start Driver Initialization Policy" to "Not Configured" or "Enabled" with any option other than "All" selected.

STIG
Server
2022: https://stigviewer.com/stigs/microsoft_windows_server_2022/2025-01-14/finding/V-254344
2019: https://stigviewer.com/stigs/microsoft_windows_server_2019/2025-01-15/finding/V-205865

Desktop
W11: https://stigviewer.com/stigs/microsoft_windows_11/2024-09-12/finding/V-253372
W10: https://stigviewer.com/stigs/microsoft_windows_10/2024-11-25/finding/V-220813

NIST 800-171: 3.14.1, 3.14.2, 3.14.4
NIST 800-53: SI-2,SI-3
CMMC V2 L1/2/3: SI.L1-3.14.1
PCI-DSS v4: 6.3, 6.3.1, 6.3.3, 11.3
SIG: T.1
CIF: ID.RA-1, PR.IP-12
Nist Privacy Framework v1: PR.PO-P10
CSA CMM: AIS-07, TVM-01, TVM-02, UEM-07
CIS CSC v8: 7.0, 7.1, 18.0



Tags

stig-medium-server stig-medium-desktop desktop compliance-server compliance-desktop server security-desktop security-server nist800-171-server nist800-171-desktop nist800-53-desktop nist800-53-server pci-dss-v4-desktop pci-dss-v4-server cmmc2-l1-desktop cmmc2-l1-server

Your Privacy Choices

Manage your cookie preferences below:

Helps us improve website performance and understand how visitors use our site.

Allows us to collect feedback about our products and improve them based on your input.

To learn more about our use of cookies, please see our
Privacy Policy.