Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-3427 | DTBI320 | SV-25182r1_rule | ECSC-1 | Medium |
Description |
---|
This setting enforces consistent security zone settings to all users of the computer. Security zones control browser behavior at various web sites and it is desirable to maintain a consistent policy for all users of a machine. |
STIG | Date |
---|---|
Internet Explorer 8 STIG | 2012-06-22 |
Check Text ( http://oval.mitre.org/XMLSchema/oval-definitions-5 ) |
---|
The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer “Security Zones: Use only machine settings” will be set to “Enabled”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings Criteria: If the value Security_HKLM_only is REG_DWORD = 1, this is not a finding. |
Fix Text (F-26928r1_fix) |
---|
The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer “Security Zones: Use only machine settings” will be set to “Enabled”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings Criteria: Set the value Security_HKLM_only to REG_DWORD = 1. |