Insecure Windows Service Permissions - Windows 10 - Software & Operating Systems - Dell Community

Insecure Windows Service Permissions

Software & Operating Systems

Software & Operating Systems
Microsoft, Linux, Productivity software, discussion

Insecure Windows Service Permissions

  • I have a Latitude 3570 that has been audited for Cyber Essentials compliance. The laptop has failed with the high risk vulnerability, "At least one improperly configured Windows service may have a privilege escalation vulnerability."

    The service is DellRctlService and Authenticate Users have inherited file write permission to c:\dell\sytem64folder\dellrctlservice.exe.

    The solution to this vulnerability is:Ensure the groups [Everyone, Users, Domain Users, Authenticated Users] do not have permissions to modify or
    write service executables. Additionally, ensure these groups do not
    have Full Control permission to any directories that contain service


    Will changing the Authenticated Users permission to explicit read only be detrimental to the service?

  • Don or Ron,

    I do not see where changing the permissions would have any issues. If it does, you can revert back to the previous setting.