The Exchange local machine policy must require signed scripts.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-221216 | SRG-APP-000131 | EX16-ED-000150 | SV-221216r960954_rule | 2024-12-06 | 2 |
Description
Scripts, especially those downloaded from untrusted locations, often provide a way for attackers to infiltrate a system. By setting machine policy to prevent unauthorized script executions, unanticipated system impacts can be avoided.
ℹ️ Check
Open the Exchange Management Shell and enter the following command:
Get-ExecutionPolicy
If the value returned is not "RemoteSigned", this is a finding.
✔️ Fix
Open the Exchange Management Shell and enter the following command:
Set-ExecutionPolicy RemoteSigned