Internet Explorer Processes for MK protocol must be enforced (Explorer).

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-15550	DTBI600	SV-40665r1_rule	ECSC-1	Medium

Description
The MK Protocol Security Restriction policy setting reduces attack surface area by blocking the seldom used MK protocol. Some older web applications use the MK protocol to retrieve information from compressed files. Because the MK Protocol is not widely used, it should be blocked wherever it is not needed. Setting this policy to enabled, blocks the MK protocol for Windows Explorer and Internet Explorer, which causes resources that use the MK protocol to fail. Disabling this setting allows applications to use the MK protocol API. Because the MK protocol is not widely used, it should be blocked wherever it is not needed. This guide recommends you configure this setting to Enabled to block the MK protocol unless it is specifically needed it in the environment. Note: Because resources that use the MK protocol will fail when deploying this setting, ensure none of the applications use the MK protocol.

Description

The MK Protocol Security Restriction policy setting reduces attack surface area by blocking the seldom used MK protocol. Some older web applications use the MK protocol to retrieve information from compressed files. Because the MK Protocol is not widely used, it should be blocked wherever it is not needed. Setting this policy to enabled, blocks the MK protocol for Windows Explorer and Internet Explorer, which causes resources that use the MK protocol to fail. Disabling this setting allows applications to use the MK protocol API. Because the MK protocol is not widely used, it should be blocked wherever it is not needed. This guide recommends you configure this setting to Enabled to block the MK protocol unless it is specifically needed it in the environment. Note: Because resources that use the MK protocol will fail when deploying this setting, ensure none of the applications use the MK protocol.

STIG	Date
Internet Explorer 9 Security Technical Implementation Guide	2015-06-30

Details

Check Text ( C-39400r2_chk )
The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Security Features -> MK Protocol Security Restriction -> "Internet Explorer Processes" must be “Enabled”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL Criteria: If the value explorer.exe is REG_SZ = 1, this is not a finding

Check Text ( C-39400r2_chk )

The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Security Features -> MK Protocol Security Restriction -> "Internet Explorer Processes" must be “Enabled”.

Procedure: Use the Windows Registry Editor to navigate to the following key:
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL

Criteria: If the value explorer.exe is REG_SZ = 1, this is not a finding

Fix Text (F-34520r1_fix)
Set the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Security Features -> MK Protocol Security Restriction -> "Internet Explorer Processes" to “Enabled”.