Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1267 from microsoft/erjenkin/ChromeFix1
Update correct registry Path for Chrome v-221596
Showing 7 changed files with 17 additions and 16 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
<DISASTIG version="2" classification="UNCLASSIFIED" customname="" stigid="Google_Chrome_Current_Windows" description="This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]." filename="U_Google_Chrome_STIG_V2R7_Manual-xccdf.xml" releaseinfo="Release: 7 Benchmark Date: 27 Oct 2022 3.4.0.34222 1.10.0" title="Google Chrome Current Windows Security Technical Implementation Guide" notice="terms-of-use" source="STIG.DOD.MIL" fullversion="2.7" created="12/1/2022"> | ||
<DISASTIG version="2" classification="UNCLASSIFIED" customname="" stigid="Google_Chrome_Current_Windows" description="This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]." filename="U_Google_Chrome_STIG_V2R7_Manual-xccdf.xml" releaseinfo="Release: 7 Benchmark Date: 27 Oct 2022 3.4.0.34222 1.10.0" title="Google Chrome Current Windows Security Technical Implementation Guide" notice="terms-of-use" source="STIG.DOD.MIL" fullversion="2.7" created="9/15/2023"> | ||
<ManualRule dscresourcemodule="None"> | ||
<Rule id="V-221584" severity="medium" conversionstatus="pass" title="SRG-APP-000456" dscresource="None"> | ||
<Description><VulnDiscussion>Google Chrome is being continually updated by the vendor in order to address identified security vulnerabilities. Running an older version of the browser can introduce security vulnerabilities to the system.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></Description> | ||
|
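Review bot: the `created` attribute on the `<DISASTIG>` root is changed by hand from 12/1/2022 to 9/15/2023, while `filename` and `releaseinfo` still describe V2R7 with a benchmark date of 27 Oct 2022. If `created` is meant to record when the file was converted from the xccdf source, a manual edit makes it misleading. Either regenerate the file through the converter with the fix in place, or leave the date alone and record the manual correction in the changelog.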
@@ -283,7 +283,7 @@ Windows method: | |
|
||
</RawString> | ||
<ValueData>javascript://*</ValueData> | ||
<ValueName>CookiesSessionOnlyForUrls</ValueName> | ||
<ValueName>1</ValueName> | ||
<ValueType>String</ValueType> | ||
</Rule> | ||
<Rule id="V-221573" severity="medium" conversionstatus="pass" title="SRG-APP-000047" dscresource="RegistryPolicyFile"> | ||
|
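Review bot: the `<Key>` element for this rule lies outside the hunk, so it cannot be seen whether the path was extended the way the AutoplayAllowlist rule's key is further down. `<ValueName>1</ValueName>` is only correct if the key ends in `\CookiesSessionOnlyForUrls`; if it still ends at `...\Google\Chrome`, this writes a string value named `1` directly under the Chrome policy key. Please confirm the key and, if it already was a subkey path, say so in the commit message.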
@@ -698,7 +698,7 @@ Windows method: | |
<DuplicateOf /> | ||
<Ensure>Present</Ensure> | ||
<IsNullOrEmpty>False</IsNullOrEmpty> | ||
<Key>HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome</Key> | ||
<Key>HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoplayAllowlist</Key> | ||
<LegacyId>V-81589</LegacyId> | ||
<OrganizationValueRequired>True</OrganizationValueRequired> | ||
<OrganizationValueTestString>{0} -eq 'a list of administrator-approved URLs</OrganizationValueTestString> | ||
|
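Review bot: in the context line `<OrganizationValueTestString>{0} -eq 'a list of administrator-approved URLs</OrganizationValueTestString>` the single quote is never closed, and the text still describes a list although the key now points at the `AutoplayAllowlist` subkey. Since this rule is being touched anyway, close the quote and reword the test string so it matches the shape the organization value is expected to take after this change.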
@@ -711,8 +711,8 @@ Windows method: | |
2. Navigate to HKLM\Software\Policies\Google\Chrome\ | ||
3. If the “AutoplayAllowlist” key may contain a list of administrator-approved URLs. This requirement is optional.</RawString> | ||
<ValueData /> | ||
<ValueName>AutoplayAllowlist</ValueName> | ||
<ValueType>MultiString</ValueType> | ||
<ValueName>1</ValueName> | ||
<ValueType>String</ValueType> | ||
</Rule> | ||
<Rule id="V-221597" severity="medium" conversionstatus="pass" title="SRG-APP-000206" dscresource="RegistryPolicyFile"> | ||
<Description><VulnDiscussion>Enable URL-keyed anonymized data collection in Google Chrome and prevent users from changing this setting. | ||
|
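Review bot: replacing `AutoplayAllowlist` / `MultiString` with `<ValueName>1</ValueName>` and `<ValueType>String</ValueType>` lets the rule express exactly one allowlist entry, while the check text in the context lines and the organization value both speak of a list of URLs. Document how a second and third URL are supplied, or note that only the first entry is managed, so that an organization with several approved URLs does not silently end up with one.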
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
<DISASTIG version="2" classification="UNCLASSIFIED" customname="" stigid="Google_Chrome_Current_Windows" description="This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]." filename="U_Google_Chrome_STIG_V2R8_Manual-xccdf.xml" releaseinfo="Release: 8 Benchmark Date: 26 Jan 2023 3.4.0.34222 1.10.0" title="Google Chrome Current Windows Security Technical Implementation Guide" notice="terms-of-use" source="STIG.DOD.MIL" fullversion="2.8" created="2/10/2023"> | ||
<DISASTIG version="2" classification="UNCLASSIFIED" customname="" stigid="Google_Chrome_Current_Windows" description="This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]." filename="U_Google_Chrome_STIG_V2R8_Manual-xccdf.xml" releaseinfo="Release: 8 Benchmark Date: 26 Jan 2023 3.4.0.34222 1.10.0" title="Google Chrome Current Windows Security Technical Implementation Guide" notice="terms-of-use" source="STIG.DOD.MIL" fullversion="2.8" created="9/15/2023"> | ||
<ManualRule dscresourcemodule="None"> | ||
<Rule id="V-221584" severity="medium" conversionstatus="pass" title="SRG-APP-000456" dscresource="None"> | ||
<Description><VulnDiscussion>Google Chrome is being continually updated by the vendor in order to address identified security vulnerabilities. Running an older version of the browser can introduce security vulnerabilities to the system.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls></Description> | ||
|
@@ -283,7 +283,7 @@ Windows method: | |
|
||
</RawString> | ||
<ValueData>javascript://*</ValueData> | ||
<ValueName>CookiesSessionOnlyForUrls</ValueName> | ||
<ValueName>1</ValueName> | ||
<ValueType>String</ValueType> | ||
</Rule> | ||
<Rule id="V-221573" severity="medium" conversionstatus="pass" title="SRG-APP-000047" dscresource="RegistryPolicyFile"> | ||
|
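Review bot: the commit title names only a registry path for V-221596, but this hunk changes `<ValueName>` from `CookiesSessionOnlyForUrls` to `1`, and no rule id for it is visible in the surrounding context. Add a line to the commit message or changelog naming the rule this edit belongs to and stating that the value name changed, so the V2R8 change can be matched to its STIG finding without opening the full file.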
@@ -698,7 +698,7 @@ Windows method: | |
<DuplicateOf /> | ||
<Ensure>Present</Ensure> | ||
<IsNullOrEmpty>False</IsNullOrEmpty> | ||
<Key>HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome</Key> | ||
<Key>HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoplayAllowlist</Key> | ||
<LegacyId>V-81589</LegacyId> | ||
<OrganizationValueRequired>True</OrganizationValueRequired> | ||
<OrganizationValueTestString>{0} -eq 'a list of administrator-approved URLs</OrganizationValueTestString> | ||
|
@@ -711,8 +711,8 @@ Windows method: | |
2. Navigate to HKLM\Software\Policies\Google\Chrome\ | ||
3. If the “AutoplayAllowlist” key may contain a list of administrator-approved URLs. This requirement is optional.</RawString> | ||
<ValueData /> | ||
<ValueName>AutoplayAllowlist</ValueName> | ||
<ValueType>MultiString</ValueType> | ||
<ValueName>1</ValueName> | ||
<ValueType>String</ValueType> | ||
</Rule> | ||
<Rule id="V-221597" severity="medium" conversionstatus="pass" title="SRG-APP-000206" dscresource="RegistryPolicyFile"> | ||
<Description><VulnDiscussion>Enable URL-keyed anonymized data collection in Google Chrome and prevent users from changing this setting. | ||
|
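Review bot: the check text in the context lines says "This requirement is optional" and `<ValueData />` stays empty, yet the value name is now fixed at `1`. State what is applied when an organization supplies no URL: skipping the rule is fine, but writing an empty string value named `1` under the allowlist key should be avoided. A short comment or a test for the empty case would settle it.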