
Users must not be allowed to run virtual machines in Hyper-V on the system.


Overview

Finding ID: V-63365
Version: WN10-00-000080
Rule ID: SV-77855r2_rule
IA Controls:
Severity: Medium
Description
Allowing other operating systems to run on a secure system may allow users to circumvent security. Preventing users from being assigned to the Hyper-V Administrators group will prevent them from accessing or creating virtual machines on the system. The Hyper-V Hypervisor is used by Virtualization Based Security features such as Credential Guard on Windows 10; however, it is not the full Hyper-V installation.
STIG: Windows 10 Security Technical Implementation Guide
Date: 2018-04-06

Details

Check Text (C-76165r2_chk)
Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Groups.
Double click on "Hyper-V Administrators".

If any groups or user accounts are listed in "Members:", this is a finding.

If the workstation has an approved use of Hyper-V, such as being used as a dedicated admin workstation using Hyper-V to separate administration and standard user functions, the account(s) needed to access the virtual machine are not a finding.
Fix Text (F-69285r1_fix)
Remove any groups or users from the "Hyper-V Administrators" group.
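
The Check Text and Fix Text above can also be run as a script across many workstations. The PowerShell below is an added example, not part of the STIG; the function name Test-HyperVAdminMembership, its -ApprovedMembers and -Remediate parameters, and the account PAW01\vmadmin are hypothetical, and it assumes Windows PowerShell 5.1 with the built-in LocalAccounts cmdlets.

```powershell
# Added example, not STIG or Microsoft code. Test-HyperVAdminMembership and
# its parameters are hypothetical names chosen for this illustration.
function Test-HyperVAdminMembership {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Accounts with a documented, approved use of Hyper-V, e.g. 'PAW01\vmadmin'.
        [string[]]$ApprovedMembers = @(),
        # Apply the Fix Text to unapproved members instead of only reporting.
        [switch]$Remediate
    )
    # Well-known SID of BUILTIN\Hyper-V Administrators; independent of UI language.
    $sid = [System.Security.Principal.SecurityIdentifier]'S-1-5-32-578'
    try {
        $members = @(Get-LocalGroupMember -SID $sid -ErrorAction Stop)
    } catch {
        # Group missing or membership unreadable: never report a false pass.
        return [pscustomobject]@{ Member = $null; ObjectClass = $null
            Status = 'ManualReview'; Detail = $_.Exception.Message }
    }
    if ($members.Count -eq 0) {
        return [pscustomobject]@{ Member = $null; ObjectClass = $null
            Status = 'NotAFinding'; Detail = 'Group has no members' }
    }
    foreach ($m in $members) {
        $status = 'Finding'; $detail = 'Member not on approved list'
        if ($ApprovedMembers -contains $m.Name) {
            # Matches the documented exception for an approved use of Hyper-V.
            $status = 'NotAFinding'; $detail = 'Approved Hyper-V use'
        } elseif ($Remediate -and
                  $PSCmdlet.ShouldProcess($m.Name, 'Remove from Hyper-V Administrators')) {
            Remove-LocalGroupMember -SID $sid -Member $m -ErrorAction Stop
            $status = 'Removed'; $detail = 'Removed per Fix Text'
        }
        [pscustomobject]@{ Member = $m.Name; ObjectClass = $m.ObjectClass
            Status = $status; Detail = $detail }
    }
}

# Report only. The account name below is constructed for the example.
Test-HyperVAdminMembership -ApprovedMembers @('PAW01\vmadmin')
```

Removal requires an elevated session; running with -Remediate -WhatIf shows which members would be removed without changing the group.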