PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

Security: Load and unload device drivers user right must only be assigned to the Administrators group

667fbb54-263f-4f75-9e98-4e84985c8836

Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities.

The "Load and unload device drivers" user right allows a user to load device drivers dynamically on a system. This could be used by an attacker to install malicious code.

Remediation

To fix this configure the policy value for
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ User Rights Assignment
|_ Load and unload device drivers to include only the following accounts or groups:
- Administrators

STIG: Server
2025: https://system32.eventsentry.com/stig/viewer/V-278255
2022: https://system32.eventsentry.com/stig/viewer/V-254505
2019: https://system32.eventsentry.com/stig/viewer/V-205762
2016: https://system32.eventsentry.com/stig/viewer/V-225084

Desktop
W11: https://system32.eventsentry.com/stig/viewer/V-253499
W10: https://system32.eventsentry.com/stig/viewer/V-220976

NIST 800-53 : AC-3, AC-6, CM-6, CM-7, SI-7
NIST 800-171: 3.1.1, 3.1.2, 3.4.6, 3.14.1
CMMC v2.0 L2: AC.L2-3.1.1, AC.L2-3.1.2, CM.L2-3.4.6, SI.L2-3.14.1
PCI-DSS v4.0: 2.2.1, 7.2.1
HIPAA SR : §164.312(a)(1), §164.312(c)(1)
HIPAA HICP : Practice 2 (Endpoint Protection), Practice 3 (Identity and Access Management)



Tags

stig-medium-serverstig-medium-desktopnist800-171-servernist800-171-desktopnist800-53-desktopnist800-53-serverpci-dss-v4-desktoppci-dss-v4-serverhipaa-desktophipaa-servercmmc2-l2-desktopcmmc2-l2-server

Your Privacy Choices

Manage your cookie preferences below:

Helps us improve website performance and understand how visitors use our site.

Allows us to collect feedback about our products and improve them based on your input.

To learn more about our use of cookies, please see our
Privacy Policy.