| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-225231 | CAT II | SCHR-P3-DP-001 | Microsoft DotNet Framework 4.0 Security ... | .NET must be configured to validate strong names o... | - | |||
Check TextIf there is documented ISSO risk acceptance for development systems, this is not a finding. For 32 bit production systems: Use regedit to examine the “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework” key. On 64-bit production systems: Use regedit to examine both the “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework” and “HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework” keys. If the "AllowStrongNameBypass" value does not exist, or if the “DWORD” value is set to “1”, this is a finding. Documentation must include a complete list of installed .Net applications, application versions, and acknowledgement that ISSO trusts each installed application. If application versions installed on the system do not match approval documentation, this is a finding. Fix TextFor 32 bit production systems: Set “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\AllowStrongNameBypass" to a “DWORD” value of “0”. On 64-bit production systems: Set “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\ AllowStrongNameBypass” and “HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\ AllowStrongNameBypass” to a “DWORD” value of “0”. Or, obtain documented ISSO risk acceptance for each .Net application installed on the system. Approval documentation will include complete list of all installed .Net applications, application versions, and acknowledgement of ISSO trust of each installed application. Finding DetailsEvaluate-STIG 1.2601.0 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: E28F7B07BF034968DDD074235F2D4C0EFC0E8F76 ~~~~~ Registry Path: HKLM:\SOFTWARE\Microsoft\.NETFramework Value Name: AllowStrongNameBypass Value: 0x00000000 (0) Type: REG_DWORD Registry Path: HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework Value Name: AllowStrongNameBypass Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_DotNET4_V2R7_20260305-132722.cklb
Scan Date: 2026-03-12T15:38:14.388995
Technology Area: Windows Operating System
|
||||||||