The Exchange local machine policy must require signed scripts.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-259634 | SRG-APP-000381 | EX19-ED-000198 | SV-259634r1015764_rule | 2024-12-06 | 2 |
Description
Scripts, especially those downloaded from untrusted locations, often provide a way for attackers to infiltrate a system. By setting machine policy to prevent unauthorized script executions, unanticipated system impacts can be avoided.
ℹ️ Check
Open the Exchange Management Shell and enter the following command:
Get-ExecutionPolicy
If the value returned is not "RemoteSigned", this is a finding.
✔️ Fix
Open the Exchange Management Shell and enter the following command:
Set-ExecutionPolicy RemoteSigned