Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-6228 | DTBI001 | SV-72161r2_rule | DCMC-1 | Medium |
Description |
---|
By setting this parameter appropriately, a malicious web site will not be automatically loaded into a browser which may contain mobile code. |
STIG | Date |
---|---|
Microsoft Internet Explorer 10 Security Technical Implementation Guide | 2015-12-16 |
Check Text ( C-170r4_chk ) |
---|
The policy for User Configuration -> Policies -> Administrative Templates -> Windows Components -> Internet Explorer "Disable changing home page settings" must be "Enable" and specify the URL for the home page. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Microsoft\Internet Explorer\Main Criteria: If the value Start Page is about:blank or a trusted site this is not a finding. |
Fix Text (F-131r3_fix) |
---|
Set the policy for User Configuration -> Policies -> Administrative Templates -> Windows Components -> Internet Explorer "Disable changing home page settings" to "Enable" and specify the URL for the home page. |