| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-225223 | CAT II | SCHR-P3-DP-001 | Microsoft DotNet Framework 4.0 Security ... | Digital signatures assigned to strongly named asse... | - | |||
Check TextUse regedit to review the Windows registry key HKLM\Software\Microsoft\StrongName\Verification. There should be no assemblies or hash values listed under this registry key. If the StrongName\Verification key does not exist, this is not a finding. If there are assemblies or hash values listed in this key, each value represents a distinct application assembly that does not have the application strong name verified. If any assemblies are listed as omitting strong name verification in a production environment, this is a finding. If any assemblies are listed as omitting strong name verification in a development or test environment and the IAO has not provided documented approvals, this is a finding. Fix TextUse regedit to remove the values stored in Windows registry key HKLM\Software\Microsoft\StrongName\Verification. There should be no assemblies or hash values listed under this registry key. All assemblies must require strong name verification in a production environment. Strong name assemblies that do not require verification in a development or test environment must have documented approvals from the IAO. Finding DetailsEvaluate-STIG 1.2601.0 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: B3CB706A6ADDE1748C32DB756BC478CBF6005E4B ~~~~~ HKLM:\SOFTWARE\Microsoft\StrongName\Verification exists but no values were found within.
Source: SCHR-P3-DP-001_DotNET4_V2R7_20260305-132722.cklb
Scan Date: 2026-03-12T15:38:14.388995
Technology Area: Windows Operating System
|
||||||||