I have a Latitude 3570 that has been audited for Cyber Essentials compliance. The laptop has failed with the high risk vulnerability, "At least one improperly configured Windows service may have a privilege escalation vulnerability."
The service is DellRctlService and Authenticate Users have inherited file write permission to c:\dell\sytem64folder\dellrctlservice.exe.
The solution to this vulnerability is:Ensure the groups [Everyone, Users, Domain Users, Authenticated Users] do not have permissions to modify orwrite service executables. Additionally, ensure these groups do nothave Full Control permission to any directories that contain serviceexecutables.
Will changing the Authenticated Users permission to explicit read only be detrimental to the service?
Don or Ron,
I do not see where changing the permissions would have any issues. If it does, you can revert back to the previous setting.
Social Media Support#IWork4Dell