Qualcuno può aiutarmi a capire che tipo di azione dovrei adottare per attenuare questo problema, emerso da Microsoft Surface Attack Analyzer? Come posso stringere l'ACL? C'è una procedura standard da fare?
Service BFE is vulnerable to tampering by multiple non-administrator accounts.
Description:
The service BFE is vulnerable to tampering by multiple non-administrator accounts.
Details:
Service: BFE
Registry keys writable by:
Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BFE\Parameters\Policy\Persistent\Callout
Account Rights
NT SERVICE\BFE (S-1-5-80-1383140227-27657646-1662666058-2710981023-2300958487) KEY_SET_VALUE
Local Service (S-1-5-19) WRITE_DAC
Action:
The relevant ACL(s) must be tightened.