UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Safe Browsing Extended Reporting must be disabled.


Overview

Finding ID Version Rule ID IA Controls Severity
V-221590 DTBC-0057 SV-221590r508655_rule Medium
Description
Enables Google Chrome's Safe Browsing Extended Reporting and prevents users from changing this setting. Extended Reporting sends some system information and page content to Google servers to help detect dangerous apps and sites. If the setting is set to "True", then reports will be created and sent whenever necessary (such as when a security interstitial is shown). If the setting is set to "False", reports will never be sent. If this policy is set to "True" or "False", the user will not be able to modify the setting. If this policy is left unset, the user will be able to change the setting and decide whether to send reports or not.
STIG Date
Google Chrome Current Windows Security Technical Implementation Guide 2020-09-22

Details

Check Text ( C-23305r415897_chk )
Universal method:
1. In the omnibox (address bar) type chrome://policy
2. If "SafeBrowsingExtendedReportingEnabled" is not displayed under the "Policy Name" column or it is not set to "False", this is a finding.
Windows method:
1. Start regedit
2. Navigate to HKLM\Software\Policies\Google\Chrome\
3. If the "SafeBrowsingExtendedReportingEnabled" value name does not exist or its value data is not set to "0", this is a finding.
Fix Text (F-23294r415898_fix)
Windows group policy:
1. Open the “group policy editor” tool with gpedit.msc
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\Safe Browsing settings\
Policy Name: Enable Safe Browsing Extended Reporting
Policy State: Disabled
Policy Value: N/A