Browser must support auto-updates.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-44805	DTBC-0050	SV-57639r1_rule		Medium

Description
One of the most effective defenses against exploitation of browser vulnerabilities is to ensure the version of the browser is current. Frequent updates provide corrections to discovered vulnerabilities and the timely update reduces the window for zero day attacks. Automatic installation of updates and patches is the most effective method for keeping the browser software current. The browser must have the capability to install software updates and patches automatically.

Description

One of the most effective defenses against exploitation of browser vulnerabilities is to ensure the version of the browser is current. Frequent updates provide corrections to discovered vulnerabilities and the timely update reduces the window for zero day attacks. Automatic installation of updates and patches is the most effective method for keeping the browser software current. The browser must have the capability to install software updates and patches automatically.

STIG	Date
Google Chrome Current Windows STIG	2015-10-01

Details

Check Text ( C-49583r1_chk )
Windows method: 1. Start regedit 2. Navigate to HKLM\Software\Policies\Google\Update\ 3. If the AutoUpdateCheckPeriodMinutes value name does not exist or its value is set to 0 or greater than 43200, this is a finding.

Fix Text (F-49895r3_fix)
Windows registry: 1. Start regedit 2. Navigate to Key Path: HKLM\Software\Policies\Google\Update Value Name: AutoUpdateCheckPeroidMinutes Value Type: Boolean (REG_DWORD) Value Data: 43200 or less, but not 0.