The Secondary Logon service must be disabled on Windows 10.
An XCCDF Rule
Description
The Secondary Logon service provides a means for entering alternate credentials, typically used to run commands with elevated privileges. Using privileged credentials in a standard user session can expose those credentials to theft.
- ID
- SV-220732r958478_rule
- Version
- WN10-00-000175
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure the "Secondary Logon" service "Startup Type" to "Disabled".