Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Ability for users to enable or disable add-ons must be enforced.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-14245 | DTBI697 | SV-45057r2_rule | ECSC-1 | Low |
| Description |
|---|
| Users often choose to install add-ons that are not permitted by an organization's security policy. Such add-ons can pose a significant security and privacy risk to your network. This policy setting allows you to manage whether users have the ability to allow or deny add-ons through Add-On Manager. If you enable this policy setting, users cannot enable or disable add-ons through Add-On Manager. The only exception occurs if an add-on has been specifically entered into the 'Add-On List' policy setting in such a way as to allow users to continue to manage the add-on. In this case, the user can still manage the add-on. If you disable or do not configure this policy setting, the appropriate controls in the Add-On Manager will be available to the user. |
| STIG | Date |
|---|---|
| Microsoft Internet Explorer 10 Security Technical Implementation Guide | 2014-01-08 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-38466r2_fix) |
|---|
| Set the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer-> "Do Not Allow users to enable or disable add-ons" to "Disabled" or "Not Configured". |