UCF STIG Viewer Logo

Internet Explorer 8 STIG


Overview

Date Finding Count (129)
2012-06-22 CAT I (High): 0 CAT II (Med): 126 CAT III (Low): 3
STIG Description
The Internet Explorer 8 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: fso_spt@disa.mil.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-15500 Medium Allow third-party browser extensions are not disabled.
V-15503 Medium Check for signatures on downloaded programs is not enabled.
V-15502 Medium Check for server certificate revocation is not enabled.
V-15504 Medium Intranet Sites: Include all network paths (UNCs) are disabled.
V-15507 Medium Allow script-initiated windows without size or position constraints for Internet Zone is not disabled.
V-15509 Medium Allow Scriptlets are not disabled.
V-6262 Medium The user Authentication - Logon is not set properly for the Internet Zone.
V-6260 Medium The Allow paste operations via script is not set properly for the Internet Zone.
V-6267 Medium The Java Permissions is not set properly for the Local Zone.
V-22171 Medium Internet Explorer Processes Restrict ActiveX Install (Reserved) property is properly set.
V-15508 Medium Allow script-initiated windows without size or position constraints for Restricted Sites Zone is not disabled.
V-15518 Medium Java permissions for group policy for Trusted Sites Zone are not disabled.
V-15519 Medium Java permissions for group policy for Internet Zone are not disabled.
V-15516 Medium Java permissions for my computer group policy are not disabled.
V-15517 Medium Java permissions for group policy for Local Intranet Zone are not disabled.
V-15515 Medium Java permissions for my computer are not disabled.
V-15513 Medium Automatic prompting for file downloads is not enabled.
V-22108 Medium Turn off Managing SmartScreen Filter property is not properly set.
V-6297 Medium The Access data sources across domains is not set properly for the Restricted Sites Zone.
V-6294 Medium The File download control is not set properly for the Restricted Sites Zone.
V-6295 Medium The Font download control is not set properly for the Restricted Sites Zone.
V-6292 Medium Run ActiveX controls and plug-ins property is not set properly for the Restricted Sites Zone.
V-6293 Medium The Script ActiveX controls marked safe for scripting property is not set properly for the Restricted Sites Zone.
V-6290 Medium The Download unsigned ActiveX controls property is not set properly for the Restricted Sites Zone.
V-6291 Medium The Initialize and script ActiveX controls not marked as safe property is not set properly for the Restricted Sites Zone.
V-6298 Medium The Allow META REFRESH is not set properly for the Restricted Sites Zone.
V-15581 Medium Turn on the auto-complete feature for user names and passwords on forms are not disabled.
V-6301 Medium The Drag and drop or copy and paste files is not set properly for the Restricted Sites Zone.
V-15569 Medium Internet Explorer Processes for Zone Elevation is not enabled. (Explorer)
V-15568 Medium Internet Explorer Processes for MK protocol is not enabled. (Reserved)
V-6302 Medium The Installation of desktop items is not set properly for the Restricted Sites Zone.
V-15563 Medium Turn off changing the URL to be displayed for checking updates to Internet Explorer and Internet Tools is not disabled.
V-15562 Medium Scripting of Java applets is not disabled.
V-15561 Medium Run .NET Framework-reliant components signed with Authenticode are not disabled.
V-22636 Medium Run .NET Framework-reliant components signed with Authenticode (Internet Zone) property is properly set.
V-15566 Medium Internet Explorer Processes for MIME handling is not enabled. (IExplore)
V-15565 Medium Internet Explorer Processes for MIME handling is not enabled. (Explorer)
V-15564 Medium Turn off configuring the update check interval is not disabled.
V-16879 Medium The Download signed ActiveX controls property is not set properly for the Lockdown Zone.
V-6281 Medium The Java Permissions is not set properly for the Trusted Sites Zone.
V-6289 Medium The Download signed ActiveX controls property is not set properly for the Restricted Sites Zone.
V-15579 Medium Turn off Crash Detection is not enabled.
V-22688 Medium Internet Explorer Processes Restrict ActiveX Install (IExplorer) property is properly set.
V-15570 Medium Internet Explorer Processes for Zone Elevation is not enabled. (IExplore)
V-15571 Medium Internet Explorer Processes for restricting pop-up windows is not enabled. (Explorer)
V-15572 Medium Internet Explorer Processes for restricting pop-up windows is not enabled. (IExplorer)
V-22687 Medium Internet Explorer Processes Restrict ActiveX Install (Explorer) property is properly set.
V-15574 Medium Disable AutoComplete for forms is not enabled.
V-15575 Medium Disable external branding of Internet Explorer is not enabled.
V-6238 Medium The IE SSL/TLS parameter must be set correctly.
V-6239 Medium The IE warning about certificate address mismatch must be enforced.
V-15580 Medium Turn off page transitions is not enabled.
V-15548 Medium Internet Explorer Processes for MIME handling is not enabled. (Reserved)
V-6243 Medium The Download signed ActiveX controls property is not set properly for the Internet Zone.
V-6304 Medium The Navigate windows and frames across different domains are not set properly for the Restricted Sites Zone.
V-6305 Medium The Software channel permissions is not set properly for the Restricted Sites Zone.
V-6307 Medium The Userdata persistence is not set properly for the Restricted Sites Zone.
V-22635 Medium Run .NET Framework-reliant components not signed with Authenticode (Internet Zone) property is properly set.
V-22634 Medium Allow status bar updates via script (Internet Zone) property is properly set.
V-22637 Medium Allow Scriptlets (Restricted Sites Zone) property is properly set.
V-6303 Medium The Launching programs and files in IFRAME is not set properly for the Restricted Sites Zone.
V-22638 Medium Allow status bar updates via script (Restricted Sites Zone) property is properly set.
V-6308 Medium The Active scripting is not set properly for the Restricted Sites Zone.
V-6309 Medium The Allow paste operations via script is not set properly for the Restricted Sites Zone.
V-6244 Medium The Download unsigned ActiveX controls property is not set properly for the Internet Zone.
V-3428 Medium Internet Explorer is configured to allow users to change policies.
V-3429 Medium Internet Explorer is configured to allow users to add/delete sites.
V-3427 Medium Internet Explorer is not configured to require consistent security zone settings to all users.
V-15604 Medium Internet Explorer Processes for MIME sniffing is not enabled. (IExplore)
V-6253 Medium The Allow Drag and drop or copy and paste files is not set properly for the Internet Zone.
V-6250 Medium The Access data sources across domains is not set properly for the Internet Zone.
V-15560 Medium Run .NET Framework-reliant components not signed with Authenticode are not disabled.
V-6256 Medium The Navigate windows and frames across different domains is not set properly for the Internet Zone.
V-6257 Medium The Software channel permissions is not set properly for the Internet Zone.
V-6254 Medium The Installation of desktop items is not set properly for the Internet Zone.
V-6255 Medium The Launching programs and files in IFRAME are not set properly for the Internet Zone.
V-6259 Medium The Userdata persistence is not set properly for the Internet Zone.
V-7007 Medium The Java Permissions is not set properly for the Restricted Sites Zone.
V-6311 Medium The User Authentication – Logon is not set properly for the Restricted Sites Zone.
V-15603 Medium Internet Explorer Processes for MIME sniffing is not enabled. (Explorer)
V-15528 Medium Turn on Protected Mode for Restricted Sites Zone is not enabled.
V-22149 Medium Prevent Deleting Web sites that the User has Visited is enabled.
V-22148 Medium Delete Browsing History on exit is disabled.
V-15545 Medium Allow binary and script behaviors are not disabled.
V-15546 Medium Automatic prompting for file downloads is not disabled.
V-6245 Medium The Initialize and script ActiveX controls not marked as safe property is not set properly for the Internet Zone.
V-15549 Medium Internet Explorer Processes for MIME sniffing is not enabled. (Reserved)
V-15527 Medium Turn on Protected Mode Internet Zone is not enabled.
V-15526 Medium Turn Off First-Run Opt-In for Restricted Sites Zone is not disabled.
V-15525 Medium Turn Off First-Run Opt-In for Internet Zone is not disabled.
V-15524 Medium Open files based on content, not file extension for Restricted Sites Zone is not disabled.
V-15523 Medium Open files based on content, not file extension for Internet Zone is not disabled.
V-15522 Medium Loose XAML files for Restricted Sites Zone are not disabled.
V-15521 Medium Loose XAML files for Internet Zone are not disabled.
V-15520 Medium Java permissions for group policy for Restricted Sites Zone are not disabled.
V-6249 Medium The Java Permissions is not set properly for the Internet Zone.
V-6248 Medium The Font download control is not set properly for the Internet Zone.
V-15529 Medium Use Pop-up Blocker for Internet Zone is not enabled.
V-32808 Medium Check for publishers certificate revocation must be enforced.
V-22154 Medium Launching programs and unsafe files property is properly set (Internet Zone).
V-22155 Medium Only allow approved domains to use ActiveX controls without prompt property is properly set (Internet Zone).
V-22156 Medium Turn on Cross-Site Scripting (XSS) Filter property is properly set (Internet Zone).
V-22157 Medium Allow scripting of Internet Explorer web browser control property is properly configured (Restricted Sites Zone).
V-22150 Medium Turn off InPrivate Browsing is enabled.
V-22152 Medium Allow scripting of Internet Explorer web browser control property is set (Internet Zone).
V-22153 Medium Include local directory path when uploading files to a server property is properly set.
V-22158 Medium Include local directory path when uploading files to a server is properly set (Restricted Sites Zone).
V-22159 Medium Launching programs and unsafe files property is properly set (Restricted Sites Zone).
V-15490 Medium Automatic configuration of Internet Explorer is not disabled.
V-15497 Medium Allow active content from CDs to run on user machines is not disabled.
V-15494 Medium Turn off the Security Settings Check feature is not disabled.
V-15499 Medium Allow software to run or install even if the signature is invalid is not disabled.
V-15552 Medium Internet Explorer Processes for Zone Elevation is not enabled. (Reserved)
V-15550 Medium Internet Explorer Processes for MK protocol is not enabled. (Explorer)
V-15551 Medium Internet Explorer Processes for MK protocol is not enabled. (IExplore)
V-15556 Medium Internet Explorer Processes for Download prompt is not enabled. (Reserved)
V-15557 Medium Internet Explorer Processes for Download prompt is not enabled. (Explorer)
V-15558 Medium Internet Explorer Processes for Download prompt is not enabled. (IExplore)
V-15559 Medium Internet Explorer Processes for restricting pop-up windows is not enabled. (Reserved)
V-15534 Medium Web sites in less privileged Web content zones can navigate into Restricted Sites Zone is not disabled.
V-15530 Medium Use Pop-up Blocker for Restricted Sites Zone is not enabled.
V-15533 Medium Web sites in less privileged Web content zones can navigate into Internet Zone is not disabled.
V-22161 Medium Turn on Cross-Site Scripting (XSS) Filter property is properly set (Restricted Sites Zone).
V-22160 Medium Only allow approved domains to use ActiveX controls without prompt property is properly set (Restricted Sites Zone).
V-17296 Medium Prevent performance of First Run Customize settings is not enabled.
V-21887 Medium Disable Configuring History - History setting is not set to 40 days.
V-14245 Low Internet Explorer - Do not allow users to enable or disable add-ons.
V-22147 Low Include updated Web site lists from Microsoft is disabled.
V-3430 Low Internet Explorer is not configured to disable making Proxy Settings Per Machine.