Accounts: User Account Control must automatically deny standard user requests for elevation

2a28f305-e508-40e1-80e4-e7702143703b

User Account Control (UAC) is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting controls the behavior of elevation when requested by a standard user account

Remediation

To fix this configure the policy value for:
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ Security Options
|_ User Account Control: Behavior of the elevation prompt for standard users to "Automatically deny elevation requests".

STIG:
Server 2022: https://www.stigviewer.com/stig/microsoft_windows_server_2022/2022-08-25/finding/V-254485
Server 2019: https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93433 / https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93433
Server 2016: https://www.stigviewer.com/stig/microsoft_windows_server_2016/2022-03-01/finding/V-225064 / https://www.stigviewer.com/stig/windows_server_2016/2020-06-16/finding/V-73713

Desktop:
W10: https://www.stigviewer.com/stig/microsoft_windows_10/2022-04-08/finding/V-220947/ https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220947
W11: https://www.stigviewer.com/stig/microsoft_windows_11/2022-06-24/finding/V-253471

NIST 800-53: CM-6(a),IA-11
CMMC v2 L2: CM.L2-3.4.1
SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00156