Browser must support auto-updates.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-44805	DTBC-0050	SV-57639r3_rule		Medium

Description
One of the most effective defenses against exploitation of browser vulnerabilities is to ensure the version of the browser is current. Frequent updates provide corrections to discovered vulnerabilities and the timely update reduces the window for zero day attacks. Automatic installation of updates and patches is the most effective method for keeping the browser software current. The browser must have the capability to install software updates and patches automatically.

Description

One of the most effective defenses against exploitation of browser vulnerabilities is to ensure the version of the browser is current. Frequent updates provide corrections to discovered vulnerabilities and the timely update reduces the window for zero day attacks. Automatic installation of updates and patches is the most effective method for keeping the browser software current. The browser must have the capability to install software updates and patches automatically.

STIG	Date
Google Chrome Current Windows Security Technical Implementation Guide	2017-03-22

Details

Check Text ( C-49583r2_chk )
Windows method: 1. Start regedit 2. Navigate to HKLM\Software\Policies\Google\Update\ 3. If the AutoUpdateCheckPeriodMinutes value name does not exist or its value is set to 0 or greater than 10080, this is a finding.

Fix Text (F-49895r4_fix)
1. Start regedit 2. Navigate to Key Path: HKLM\Software\Policies\Google\Update Value Name: AutoUpdateCheckPeriodMinutes Value Type: Boolean (REG_DWORD) Value Data: 10080 or less, but not 0.