Allowing a system to automatically log on when the machine is booted could give access to any unauthorized individual who restarts the computer. Automatic logon with administrator privileges would give full access to an unauthorized individual.
To fix this configure the policy value for:
|_ Administrative Template
|_ MSS (Legacy)
|_ MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended) to "Disabled".
This policy setting requires the installation of the MSS-Legacy custom template. "MSS-Legacy.admx" and " MSS-Legacy.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively. Files are available at EventSentry GitHub Repository at: https://github.com/eventsentry/resources
NIST 800-53: CM-6b. A-2, IA-5(13)