V-44745 | High | The running of outdated plugins must be disabled. | Running outdated plugins could lead to system compromise through the use of known exploits. Having plugins that updated to the most current version ensures the smallest attack surfuce possible. If... |
V-44749 | High | Plugins requiring authorization must ask for user permission. | Policy allows Google Chrome to run plugins that require authorization. If you enable this setting, plugins that are not outdated will always run. If this setting is disabled or not set, users will... |
V-44777 | Medium | Incognito mode must be disabled. | Incognito mode allows the user to browse the Internet without recording their browsing history/activity. From a forensics perspective, this is unacceptable. Best practice requires that browser... |
V-44737 | Medium | Default search provider must be enabled. | Policy enables the use of a default search provider. If you enable this setting, a default search is performed when the user types text in the omnibox that is not a URL. You can specify the... |
V-44757 | Medium | 3D Graphics APIs must be disabled. | Disable support for 3D graphics APIs. Enabling this setting prevents web pages from accessing the graphics processing unit (GPU). Specifically, web pages cannot access the WebGL API and plugins... |
V-44733 | Medium | The default search providers name must be set. | Specifies the name of the default search provider that is to be used, if left empty or not set, the host name specified by the search URL will be used. This policy is only considered if the... |
V-44735 | Medium | The default search provider URL must be set to perform encrypted searches.
| Specifies the URL of the search engine used when doing a default search. The URL should contain the string '{searchTerms}', which will be replaced at query time by the terms the user is searching... |
V-44773 | Medium | Search suggestions must be disabled. | Search suggestion should be disabled as it could lead to searches being conducted that were never intended to be made. Enables search suggestions in Google Chrome's omnibox and prevents users from... |
V-44759 | Medium | Google Data Synchronization must be disabled. | Disables data synchronization in Google Chrome using Google-hosted synchronization services and prevents users from changing this setting. If you enable this setting, users cannot change or... |
V-44793 | Medium | Browser history must be saved. | This policy disables saving browser history in Google Chrome and prevents users from changing this setting. If this setting is enabled, browsing history is not saved. If this setting is disabled... |
V-44791 | Medium | Safe Browsing must be enabled, | Enables Google Chrome's Safe Browsing feature and prevents users from changing this setting. If you enable this setting, Safe Browsing is always active. If you disable this setting, Safe Browsing... |
V-44795 | Medium | Default behavior must block webpages from automatically running plugins. | This policy allows you to set whether websites are allowed to automatically run plugins. Automatically running plugins can be either allowed for all websites or denied for all websites. If this... |
V-44711 | Medium | Firewall traversal from remote host must be disabled. | Remote connections should never be allowed that bypass the firewall, as there is no way to verify if they can be trusted. Enables usage of STUN and relay servers when remote clients are trying to... |
V-44775 | Medium | Importing of saved passwords must be disabled. | Importing of saved passwords should be disabled as it could lead to unencrypted account passwords stored on the system from another browser to be viewed. This policy forces the saved passwords to... |
V-44799 | Medium | Session only based cookies must be disabled. | Policy allows you to set a list of URL patterns that specify sites which are allowed to set session only cookies. If this policy is left not set the global default value will be used for all sites... |
V-44771 | Medium | Metrics reporting to Google must be disabled. | Enables anonymous reporting of usage and crash-related data about Google Chrome to Google and prevents users from changing this setting. If you enable this setting, anonymous reporting of usage... |
V-44805 | Medium | Browser must support auto-updates. | One of the most effective defenses against exploitation of browser vulnerabilities is to ensure the version of the browser is current. Frequent updates provide corrections to discovered... |
V-52795 | Medium | URLs must be whitelisted for plugin use | This policy allows you to set a list of URL patterns that specify sites which are allowed to run plugins. If this policy is not set, plugins could be run from any website, including potentially... |
V-44763 | Medium | AutoFill must be disabled. | This AutoComplete feature suggests possible matches when users are filling in forms. It is possible that this feature will cache sensitive data and store it in the user's profile, where it might... |
V-44723 | Medium | Site tracking users location must be disabled. | Website tracking is the practice of gathering information as to which websites were accesses by a browser. The common method of doing this is to have a website create a tracking cookie on the... |
V-44727 | Medium | Extensions installation must be blacklisted by default. | Extensions are developed by third party sources and are designed to extend Google Chrome's functionality. An extension can be made by anyone, to do and access almost anything on a system; this... |
V-44729 | Medium | Extensions that are approved for use must be whitelisted.
| The whitelist should only contain organizationally approved extensions. This is to prevent a user from accidently whitelisitng a malicious extension. This policy allows you to specify which... |
V-44787 | Medium | Automated installation of missing plugins must be disabled. | The automatic search and installation of missing or not installed plugins should be disabled as this can cause significant risk if a unapproved or vulnerable plugin were to be installed without... |
V-44769 | Medium | Network prediction must be disabled. | Disables network prediction in Google Chrome and prevents users from changing this setting. If you enable or disable this setting, users cannot change or override this setting in Google Chrome. If... |
V-44741 | Medium | The Password Manager must be disabled. | Enables saving passwords and using saved passwords in Google Chrome. Malicious sites may take advantage of this feature by using hidden fields gain access to the stored information. If you enable... |
V-44765 | Medium | Cloud print sharing must be disabled. | Policy enables Google Chrome to act as a proxy between Google Cloud Print and legacy printers connected to the machine. If this setting is enabled or not configured, users can enable the cloud... |
V-44789 | Medium | Online revocation checks must be done. | By setting this policy to true, the previous behavior is restored and online OCSP/CRL checks will be performed. If the policy is not set, or is set to false, then Chrome will not perform online... |
V-44761 | Medium | The URL protocol schema javascript must be disabled. | Each access to a URL is handled by the browser according to the URL's "scheme". The "scheme" of a URL is the section before the ":". The term "protocol" is often mistakenly used for a "scheme".... |
V-75165 | Medium | Access to history URL must be disabled. | Regardless of controls in place to safeguard the Chrome browser history users may still delete individual items via the Chrome://History URL. In order to protect against this occurrence access to... |
V-44719 | Medium | Sites ability to show pop-ups must be disabled. | Chrome allows you to manage whether unwanted pop-up windows appear. Pop-up windows that are opened when the end user clicks a link are not blocked. If you enable this policy setting, most unwanted... |
V-44753 | Medium | Background processing must be disabled. | Determines whether a Google Chrome process is started on OS login that keeps running when the last browser window is closed, allowing background apps to remain active. The background process... |
V-44751 | Low | Third party cookies must be blocked. | Third party cookies are cookies which can be set by web page elements that are not from the domain that is in the browser's address bar. Enabling this setting prevents cookies from being set by... |
V-44713 | Low | Sites ability for showing desktop notifications must be disabled. | Chrome by default allows websites to display notifications on the desktop. This check allows you to set whether or not this is permitted. Displaying desktop notifications can be allowed by... |