[BESAdmin-Announcements] Bigfix Compliance: Updated CIS checklist for Windows 2016 MS, published 2019-09-25

Announcements for BES Administrators besadmin-announcements at bigmail.bigfix.com
Wed Sep 25 00:50:58 PDT 2019

BigFix Compliance

Updated CIS Checklist for Windows 2016 MS to fix bugs

Security Benchmark:
CIS Microsoft Windows Server 2016 RTM (Release 1607) Benchmark, v1.1.0

Published Sites:
CIS Checklist for Windows 2016 MS, site version 5
(The site version is provided for air-gap customers.)

Fixed and improved implementation for the following checks:

  *   (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled' (B)
  *   (L1) Ensure 'Do not suggest third-party content in Windows spotlight' is set to 'Enabled

The relevance is fixed to check only interactively logged on users instead of matching all SIDs under HKU. The SID's that don't log in interactively are excluded.

Actions to take:
*        To subscribe to the above site, you can use the License Overview Dashboard to enable and gather the site. Note that you must be entitled to the BigFix Compliance product and you must be using BigFix version 9.2 and later.
*        If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see https://ibm.biz/Bd4LBt.

More information:
To know more about the BigFix Compliance SCM checklists, please see the following resources:

  *   Developer Works:
  *   BigFix Forum:

We hope you find this latest release of SCM content useful and effective. Thank you!

- The BigFix Compliance team

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20190925/082b7553/attachment.html>

More information about the Besadmin-announcements mailing list