CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 - 2.2.23 (L1) - Include printspoolerservice

1 votes

2.2.23 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'

FAILED due to:

Output

'printspoolerservice' && 'network service' && 'local service'

Policy Value

'LOCAL SERVICE' && 'NETWORK SERVICE'

I believe Windows 11 newest version includes 'printspoolerservice' by default in this, so the check fails.
Maybe related to this?
https://techcommunity.microsoft.com/blog/microsoft-security-baselines/windows-11-version-25h2-security-baseline/4456231

Would be good to review update your benchmark if required.

Thank you

EDIT - same for '2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE''
Output

'printspoolerservice' && 'service' && 'administrators' && 'network service' && 'local service'

Policy Value

'Administrators' && 'LOCAL SERVICE' && 'NETWORK SERVICE' && 'SERVICE'

Done Benchmark Community Suggestion Suggested by: N M (10 Mar) • Upvoted: 10 Mar • Comments: 1

Comments: 1
Oldest • Newest • Most likes • Fewest likes

20 Mar
Chris Boldiston Admin
Hi Nick

Thanks for the information. Can you please post this to the Workbench Community for input - https://workbench.cisecurity.org/communities/2

Thanks

Chris

CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 - 2.2.23 (L1) - Include printspoolerservice

Comments: 1 Oldest • Newest • Most likes • Fewest likes

Comments: 1
Oldest • Newest • Most likes • Fewest likes