Radack, S.
(2008),
Federal Desktop Core Configuration (FDCC): Improving Information Security for Windows Operating Systems, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=150678
(Accessed October 9, 2025)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Federal Desktop Core Configuration (FDCC): Improving Information Security for Windows Operating Systems
Published
Author(s)
Abstract
The Federal Desktop Core Configuration (FDCC) was jointly developed by the National Institute of Standards and Technology (NIST), the Department of Defense (DOD), and the Department of Homeland Security (DHS) to help Federal organizations improve their information security and reduce the information technology (IT) costs of their Windows operating systems. The FDCC is a standard security configuration that provides secure settings for Microsoft Windows XP and Vista operating systems. In 2007, the Office of Management and Budget (OMB) issued policy guidance to agencies and departments requiring that Federal organizations develop plans to adopt the standard security configuration for their Windows-based systems by February 1, 2008. The bulletin discusses security configurations, the use of checklists, and the implementation of security controls.Citation
ITL Bulletin -
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Keywords
Checklists, Federal Desktop Core Configuration, FISMA, Microsoft Windows, National Checklists Program, National Vulnerability Database, secure configurations
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact [email protected].
Created February 27, 2008, Updated February 19, 2017