Group Policies must be refreshed in the background if the user is logged on.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-63613 | WN10-CC-000095 | SV-78103r1_rule | Medium |
| Description |
|---|
| If this setting is enabled, then Group Policy settings are not refreshed while a user is currently logged on. This could lead to instances when a user does not have the latest changes to a policy applied and is therefore operating in an insecure context. |
| STIG | Date |
|---|---|
| Windows 10 Security Technical Implementation Guide | 2016-10-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-69543r1_fix) |
|---|
| The default behavior is for group policy to refresh in the back ground. If this needs to be corrected, configure the policy value for Computer Configuration >> Administrative Templates >> System >> Group Policy >> "Turn off background refresh of Group Policy" to "Not Configured". (Selecting "Disabled" results in the same outcome as "Not Configured", the registry value will not exist.) |