NVD Banner
Vulnerabilities Checklists 800-53/800-53A Product Dictionary Impact Metrics Data Feeds Statistics
Home SCAP SCAP Validated Tools SCAP Events About Contact Vendor Comments
FDCC

 

white space

white space

Federal Desktop Core Configuration
FDCC

 

FDCC Version 1.2.x.0 List of Changes

Microsoft Internet Explorer 7

  1. Updated patch content to reflect recent patch releases
    1. Removed:
      1. MS08-045
      2. MS08-058
    2. Added:
      1. MS09-002
  2. Synced content with Vista and XP patch content.
    1. Changed MS07-050 to match Vista and XP version of the patch definition.
    2. Updated inventory definitions to match Vista and XP inventory definitions.
  3. SCAPXML-132: Added “Turn off downloading of enclosures” since it is an IE7 setting. (CCE-3477-7, CCE-4581-5)
  4. SCAPXML-135: Corrected the registry_state type for “Turn on the auto-complete feature for user names and passwords on forms” (CCE-3647-5) and “Disable AutoComplete for forms” (CCE-4246-5) from reg_sz to reg_dword in the 1.2.0.0 content to match the 1.2.1.0 content.

Microsoft Windows Vista Firewall

  • No Changes

Microsoft Windows Vista

  1. SCAPXML-122: Changed the operator for the Value “restrictions_for_unauthenticated_rpc_clients_var” to allow for more restrictive configurations. . Added the operation attribute on OVAL state “oval:gov.nist.fdcc.vista:ste:6565” accordingly. (CCE-3273-0)
  2. SCAPXML-123: Changed the criteria for "oval:gov.nist.fdcc.vista:def:6726" (CCE-5007-0) and "oval:gov.nist.fdcc.vista:def:6725" to negate the results of the existence tests. (CCE-4267-1)
  3. SCAPXML-124: Corrected the test/object type mistmatch. Changed test “oval:gov.nist.fdcc.vista:tst:60202” from “user_test” to “sid_test” in the 1.2.1.0 content. (CCE-3248-2)
  4. SCAPXML-126: Removed content that had been removed from the FDCC Profile and was no longer needed. Created definition “oval:gov.nist.fdcc.vista:def:65741” which is a duplicate of definition “oval:gov.nist.fdcc.vista:def:6574”. Changed the rule "turn_off_autoplay" to reference “oval:gov.nist.fdcc.vista:def:65741” instead of “oval:gov.nist.fdcc.vista:def:6574”. Updated the title and description for “oval:gov.nist.fdcc.vista:def:6574” to “MSS: (NoDriveTypeAutoRun) Disable Autorun for all drives (recommended).” (CCE-2719-3)
  5. SCAPXML-127: Updated CCE v4 identifiers for:
    1. Audit Account Logon Events from CCE-315 to CCE-2628 and CCE-2543
    2. Audit Account Management from CCE-596 to CCE-2000 and CCE-1646
    3. Audit Directory Service Access CCE-10 to CCE-2118 and CCE-2390
    4. Audit Logon Events CCE-429 to CCE-1686 and CCE-1744
    5. Audit Object Access CCE-812 to CCE-2640 and CCE-1991
    6. Audit Policy Change CCE-966 to CCE-2412 and CCE-2347
    7. Audit Privilege Use CCE-874 to CCE-2431 and CCE-2584
    8. Audit of Process Tracking CCE-8 to CCE-2529 and CCE-2617
    9. Audit System Events CCE-149 to CCE-2420 and CCE-1680
  6. SCAPXML-128: Changed "oval:gov.nist.fdcc.vista:obj:7" from a “user_sid_object” to sid_sid_object in the 1.2.0.0 content. (CCE-3248-2)
  7. SCAPXML-130: Changed the “audit-use-backup-restore-privilege_var” type to “string” as well as the datatype for “oval:gov.nist.fdcc.xp:ste:39” and “oval:gov.nist.fdcc.vista:var:60251 to “binary”. (CCE- 3303-5)
  8. SCAPXML-132: Removed “Turn off downloading of enclosures” since it is an IE7 setting. (CCE-3477-7)
  9. SCAPXML-134: Changed the selector for a the value ‘2’ from “3_seconds_half_open_connections_dropped_after_9_seconds” to “3_and_6_seconds_half_open_connections_dropped_after_21_seconds”. Added values for ‘0’, ‘1’, and ‘3’ and specified selectors that reflect the security configuration options. (CCE-3459-5)

Microsoft Windows XP

  1. SCAPXML- 121: Corrected the operator and type for the Value “password_protect_the_screen_saver_var”. (CCE-4500-5)
  2. SCAPXML-122: Changed the operator for the Value “restrictions_for_unauthenticated_rpc_clients_var” from “equals” to “greater than or equal” to allow for more restrictive configurations. Added the operation attribute on OVAL state “oval:gov.nist.fdcc.xp:ste:6565” accordingly. (CCE-3273-0)
  3. SCAPXML-125: Changed User Right tests for SUPPORT_388945a0 from using the SID back to using the account name. This change will results in a FAIL instead of a PASS when the account is renamed but is given the specified right. A note has been added to the affected User Rights. (CCE-1978-6, CCE-2898-5, CCE-2700-3)
  4. SCAPXML-127: Updated CCE v4 identifiers for:
    1. Audit Account Logon Events from CCE-315 to CCE-2628 and CCE-2543
    2. Audit Account Management from CCE-596 to CCE-2000 and CCE-1646
    3. Audit Directory Service Access CCE-10 to CCE-2118 and CCE-2390
    4. Audit Logon Events CCE-429 to CCE-1686 and CCE-1744
    5. Audit Object Access CCE-812 to CCE-2640 and CCE-1991
    6. Audit Policy Change CCE-966 to CCE-2412 and CCE-2347
    7. Audit Privilege Use CCE-874 to CCE-2431 and CCE-2584
    8. Audit of Process Tracking CCE-8 to CCE-2529 and CCE-2617
    9. Audit System Events CCE-149 to CCE-2420 and CCE-1680
  5. SCAPXML-130: Changed the “AuditBackupAndRestorePrivilege_var” the type to “string” and the datatype for “oval:gov.nist.fdcc.xp:var:53” to “binary”. (CCE-2955-3)
  6. SCAPXML-132: Removed “Turn off downloading of enclosures” since it is an IE7 setting. (CCE-4581-5)

Microsoft Windows XPFirewall

  • No Changes

 

 

Comments and Questions

Comments and questions may be addressed to fdcc@nist.gov.

 

 

 

 


Last updated: November, 11, 2008
Page created: July 22, 2007

Disclaimer Notice & Privacy Statement / Security Notice
Send comments or suggestions to itsec@nist.gov
NIST is an Agency of the U.S. Commerce Department's Technology Administration