diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc
index f794c8ab9024..875fb39d7be3 100644
--- a/CHANGELOG.next.asciidoc
+++ b/CHANGELOG.next.asciidoc
@@ -37,6 +37,7 @@ https://github.com/elastic/beats/compare/v8.8.1\...main[Check the HEAD diff]
 
 *Osquerybeat*
 
+- Disable allow_unsafe osquery configuration. {pull}40130[40130]
 
 *Packetbeat*
 
diff --git a/x-pack/osquerybeat/internal/osqd/osqueryd_windows.go b/x-pack/osquerybeat/internal/osqd/osqueryd_windows.go
index e51496eccf60..0d14c417cbf3 100644
--- a/x-pack/osquerybeat/internal/osqd/osqueryd_windows.go
+++ b/x-pack/osquerybeat/internal/osqd/osqueryd_windows.go
@@ -28,9 +28,7 @@ func SocketPath(dir string) string {
 }
 
 func platformArgs() map[string]interface{} {
-	return map[string]interface{}{
-		"allow_unsafe": true,
-	}
+	return nil
 }
 
 func setpgid() *syscall.SysProcAttr {
@@ -41,6 +39,6 @@ func setpgid() *syscall.SysProcAttr {
 // For clean process tree kill
 func killProcessGroup(cmd *exec.Cmd) error {
 	// https://github.com/golang/dep/pull/857
-	exec.Command("taskkill", "/F", "/T", "/PID", fmt.Sprint(cmd.Process.Pid)).Run()
-	return nil
+	//nolint:gosec // works as expected
+	return exec.Command("taskkill", "/F", "/T", "/PID", fmt.Sprint(cmd.Process.Pid)).Run()
 }