Quickbooks -vs- Cyber Essentials certificate compliance

Forum|Forum|29 days ago
May 28, 2026
1 reply
2 views

Every time there is an update to Quickbooks desktop the installer changes program files folder permissions to "Everyone". This is then flagged by the network security monitors as a vulnerability. We could fail our Cyber Essentials audit due to this. The exact prompt from the security monitors is:

"Path: c:\progra~1\intuit\quickb~2\qbdbmgrn.exe
Used by services: QuickBooksDB34
File write allowed for groups: Everyone (S-1-1-0) Full control of directory allowed for groups: Everyone (S-1-1-0)"

We then need to update the folder permissions manually to every time there is an update.

Can someone please advise how we can fix this issue permanently? Surely Quickbooks must have policies to keep the software secure. Giving access to Everyone on a server to a folder with an executable that is accessed by a Windows service is a serious vulnerability. A malicious user could replace the executable (since they have access to the folder) and to a lot of damage.

QuickBooks Desktop

Jelayca V

QuickBooks Team

When multi-user mode is used in QuickBooks Desktop (QBDT), folder permissions revert to Everyone during updates to ensure that all new components are installed within the system. I recommend working with your IT team to create a separate partition specifically for QuickBooks to prevent any impact on other program files or data paths.

Alternatively, you can implement a permanent solution through Windows Group Policy or scripts to maintain your organization's security standards and compliance requirements. For more information, check out this article: Adjust folder permissions.

If you have further questions, please don't hesitate to reply below.

Sign up

Login with SSO

Let's get you signed in

Login with SSO

Scanning file for viruses.

This file cannot be downloaded