| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-225235 | CAT II | SCHR-P3-DP-001 | Microsoft DotNet Framework 4.0 Security ... | Event tracing for Windows (ETW) for Common Languag... | - | |||
Check TextOpen Windows explorer and search for all .NET config files including application config files (*.exe.config) NOTE: Beginning with Windows Vista and Windows Server 2008, ETW Tracing is enabled by default and the "etwEnable" setting is not required in order for Event Tracing to be enabled. An etwEnable setting of "true" IS required in earlier versions of Windows as ETW is disabled by default. Examine the configuration settings for <etwEnable enabled="false" />. If the "etwEnable" element is set to "true", this is not a finding. If the "etwEnable" element is set to "false" and documented approvals by the IAO are not provided, this is a finding. Fix TextOpen Windows explorer and search for all .NET config files including application config files (*.exe.config). Examine the configuration settings for <etwEnable enabled="false" />. Enable ETW Tracing by setting the etwEnable flag to "true" or obtain documented IAO approvals. Finding DetailsEvaluate-STIG 1.2601.0 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 337EA4CB8826346C79B61FFD2C48107B8F2246C3 ~~~~~ No machine.config or *.exe.config files found with 'etwEnable enabled=false'.
Source: SCHR-P3-DP-001_DotNET4_V2R7_20260305-132722.cklb
Scan Date: 2026-03-12T15:38:14.388995
Technology Area: Windows Operating System
|
||||||||