2.0 KiB
title, description, ms.pagetype, ms.prod, ms.mktglfcycl, ms.sitesec, author
| title | description | ms.pagetype | ms.prod | ms.mktglfcycl | ms.sitesec | author |
|---|---|---|---|---|---|---|
| 5067(S, F) A cryptographic function modification was attempted. (Windows 10) | Describes security event 5067(S, F) A cryptographic function modification was attempted. | security | w10 | deploy | library | Mir0sh |
5067(S, F): A cryptographic function modification was attempted.
Applies to
- Windows 10
- Windows Server 2016
This event generates in BCryptConfigureContextFunction() function. This is a Cryptographic Next Generation (CNG) function.
This event generates when configuration information for the cryptographic function of an existing CNG context was changed.
For more information about Cryptographic Next Generation (CNG) visit these pages:
-
https://msdn.microsoft.com/en-us/library/windows/desktop/aa376214(v=vs.85).aspx
-
http://www.microsoft.com/en-us/download/details.aspx?id=1251
-
http://www.microsoft.com/en-us/download/details.aspx?id=30688
This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting.
There is no example of this event in this document.
Subcategory: Audit Other Policy Change Events
Event Schema:
A cryptographic function modification was attempted.
Subject:
Security ID:%1
Account Name:%2
Account Domain:%3
Logon ID:%4
Configuration Parameters:
Scope:%5
Context:%6
Interface:%7
Function:%8
Change Information:
Old Value:%9
New Value:%10
Return Code:%11
Required Server Roles: None.
Minimum OS Version: Windows Server 2008, Windows Vista.
Event Versions: 0.
Security Monitoring Recommendations
- Typically this event is required for detailed monitoring of CNG-related cryptographic functions. If you need to monitor or troubleshoot actions related to specific cryptographic functions, review this event to see if it provides the information you need.