Vulnerability Details

Microsoft Windows: Turn on PowerShell Script Block Logging

Published: 2019-07-01 09:36:48

CVSS Base Vector:
AV:L/AC:H/Au:S/C:N/I:N/A:N

Report Confidence:
97

Summary:
This policy setting enables logging of all PowerShell script input to the Microsoft-Windows-PowerShell/Operational event log. If you enable this policy setting, Windows PowerShell will log the processing of commands, script blocks, functions, and scripts - whether invoked interactively, or through automation. If you disable this policy setting, logging of PowerShell script input is disabled. If you enable the Script Block Invocation Logging, PowerShell additionally logs events when invocation of a command, script block, function, or script starts or stops. Enabling Invocation Logging generates a high volume of event logs. (C) Microsoft Corporation 2015.

References:

https://www.microsoft.com/en-us/download/confirmation.aspx?id=25250

Severity
Detection Plugin
CVSS Score
0.0
Published
2019-07-01
Modified
2019-12-13
Category
Policy

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.