UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Google Chrome Current Windows Security Technical Implementation Guide


Overview

Date Finding Count (43)
2022-09-09 CAT I (High): 1 CAT II (Med): 41 CAT III (Low): 1
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC I - Mission Critical Public)

Finding ID Severity Title
V-234701 High Chrome must be configured to allow only TLS.
V-221574 Medium Network prediction must be disabled.
V-221575 Medium Metrics reporting to Google must be disabled.
V-221576 Medium Search suggestions must be disabled.
V-221577 Medium Importing of saved passwords must be disabled.
V-221570 Medium Background processing must be disabled.
V-221571 Medium Google Data Synchronization must be disabled.
V-221572 Medium The URL protocol schema javascript must be disabled.
V-221573 Medium Cloud print sharing must be disabled.
V-221578 Medium Incognito mode must be disabled.
V-221579 Medium Online revocation checks must be performed.
V-245538 Medium Use of the QUIC protocol must be disabled.
V-245539 Medium Session only based cookies must be disabled.
V-221588 Medium Download restrictions must be configured.
V-221581 Medium Browser history must be saved.
V-221580 Medium Safe Browsing must be enabled.
V-221584 Medium The version of Google Chrome running on the system must be a supported version.
V-221587 Medium Prompt for download location must be enabled.
V-221586 Medium Deletion of browser history must be disabled.
V-221559 Medium Site tracking users location must be disabled.
V-221567 Medium The Password Manager must be disabled.
V-221566 Medium Default search provider must be enabled.
V-221565 Medium The default search provider URL must be set to perform encrypted searches.
V-221564 Medium The default search providers name must be set.
V-221563 Medium Extensions that are approved for use must be allowlisted.
V-221562 Medium Extensions installation must be blocklisted by default.
V-221561 Medium Sites ability to show pop-ups must be disabled.
V-241787 Medium Web Bluetooth API must be disabled.
V-226404 Medium Import AutoFill form data must be disabled.
V-226401 Medium Guest Mode must be disabled.
V-221558 Medium Firewall traversal from remote host must be disabled.
V-226403 Medium AutoFill for addresses must be disabled.
V-226402 Medium AutoFill for credit cards must be disabled.
V-221596 Medium URLs must be allowlisted for Autoplay use.
V-221597 Medium Anonymized data collection must be disabled.
V-221594 Medium Google Cast must be disabled.
V-221595 Medium Autoplay must be disabled.
V-221592 Medium Chrome Cleanup must be disabled.
V-221593 Medium Chrome Cleanup reporting must be disabled.
V-221590 Medium Safe Browsing Extended Reporting must be disabled.
V-221591 Medium WebUSB must be disabled.
V-221598 Medium Collection of WebRTC event logs must be disabled.
V-221599 Low Chrome development tools must be disabled.