b6f678d0-7ffc-48e8-b89c-ca6d301de838
User Account Control (UAC) is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting configures Windows to only allow applications installed in a secure location on the file system, such as the Program Files or the Windows\System32 folders, to run with elevated privileges.
TO fix this configure the policy value for
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ Security Options
|_ "User Account Control: Only elevate UIAccess applications that are installed in secure locations" to "Enabled".
STIG:
Desktop:
W11: https://www.stigviewer.com/stig/microsoft_windows_11/2024-06-10/finding/V-253473
W10: https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220949 / https://www.stigviewer.com/stig/microsoft_windows_10/2024-06-13/finding/V-220949
Server:
2022: https://www.stigviewer.com/stig/microsoft_windows_server_2022/2024-06-14/finding/V-254487
2019: https://www.stigviewer.com/stig/microsoft_windows_server_2019/2024-06-14/finding/V-205719 / https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93527 /
2016: https://www.stigviewer.com/stig/microsoft_windows_server_2016/2024-02-21/finding/V-225066 / https://www.stigviewer.com/stig/windows_server_2016/2020-06-16/finding/V-73717
NIST 800-53: AC-6(8)
CAT: II
CCI: CCI-001084
CSCv6: 5.1
CMMC v2.1 L3: SI.L3-3.14.3e
RuleID: SV-225066r569186_rule, SV-88381r1_rule, SV-103613r1_rule, SV-205719r958518_rule, SV-254487r958518_rule, SV-253473r958518_rule, SV-220949r569187_rule
MITRE Att&k: T1087, T1087.001, T1087.002, T1546.011, T1548, T1548.002