Start a Conversation


This post is more than 5 years old


September 23rd, 2016 09:00

Insecure Windows Service Permissions

I have a Latitude 3570 that has been audited for Cyber Essentials compliance. The laptop has failed with the high risk vulnerability, "At least one improperly configured Windows service may have a privilege escalation vulnerability."

The service is DellRctlService and Authenticate Users have inherited file write permission to c:\dell\sytem64folder\dellrctlservice.exe.

The solution to this vulnerability is:Ensure the groups [Everyone, Users, Domain Users, Authenticated Users] do not have permissions to modify or
write service executables. Additionally, ensure these groups do not
have Full Control permission to any directories that contain service


Will changing the Authenticated Users permission to explicit read only be detrimental to the service?



16.8K Posts

September 26th, 2016 08:00

Don or Ron,

I do not see where changing the permissions would have any issues. If it does, you can revert back to the previous setting.

3 Posts

June 1st, 2018 01:00

Hi Jesse,


I realise this is an old post, but I to have the same vulnerability reported in Nessus. Can you please confirm for me exactly what this service is/ does? I have read conflicting articles about it's function. I would like to remove it altogether but I want to make sure it will not cause interruption to service for the users.




No Events found!