Update correct registry Path for Chrome v-221596

CHANGELOG.md

@@ -2,6 +2,7 @@
 
 ## [Unreleased]
 
+* Fix for Chrome issue Registry Path is incorrect [#1215](https://github.com/microsoft/PowerStig/issues/1215)
 * Update PowerSTIG to Parse/Apply U_MS_Office_365_ProPlus_V2R11_STIG: [#1281](https://github.com/microsoft/PowerStig/issues/1281)
 * Update PowerSTIG to Parse/Apply U_MS_Windows_11_V1R5_STIG: [#1273](https://github.com/microsoft/PowerStig/issues/1273)
 

source/StigData/Archive/Chrome/U_Google_Chrome_STIG_V2R7_Manual-xccdf.log

@@ -7,7 +7,7 @@ V-221563::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Ke
 V-221564::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome'; ValueName = 'DefaultSearchProviderName'; ValueType = 'String';  ValueData = $null; OrganizationValueTestString = "{0} -eq 'an organization approved encrypted search provider'"}
 V-221565::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome'; ValueName = 'DefaultSearchProviderSearchURL'; ValueType = 'String';  ValueData = $null; OrganizationValueTestString = "{0} -eq 'an organization-approved encrypted search string'"}
 V-221588::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome'; ValueName = 'DownloadRestrictions'; ValueType = 'Dword';  ValueData = $null; OrganizationValueTestString = "{0} -eq '1|2'"}
-V-221596::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome'; ValueName = 'AutoplayAllowlist'; ValueType = 'MultiString';  ValueData = $null; OrganizationValueTestString = "{0} -eq 'a list of administrator-approved URLs"}
+V-221596::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoplayAllowlist'; ValueName = '1'; ValueType = 'String';  ValueData = $null; OrganizationValueTestString = "{0} -eq 'a list of administrator-approved URLs"}
 V-234701::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome'; ValueName = 'SSLVersionMin'; ValueType = 'String';  ValueData = 'tls1.2'}
 V-245539::*::HardCodedRule(RegistryRule)@{DscResource = 'Registry'; Ensure = 'Absent'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome'; ValueName = 'CookiesSessionOnlyForUrls'}
-V-221572::*::HardCodedRule(RegistryRule)@{DscResource = 'Registry'; Ensure = 'Present'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlocklist'; ValueName = 'CookiesSessionOnlyForUrls'; ValueType = 'String'; ValueData = 'javascript://*'}
+V-221572::*::HardCodedRule(RegistryRule)@{DscResource = 'Registry'; Ensure = 'Present'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlocklist'; ValueName = '1'; ValueType = 'String'; ValueData = 'javascript://*'}

source/StigData/Archive/Chrome/U_Google_Chrome_STIG_V2R8_Manual-xccdf.log

@@ -7,7 +7,7 @@ V-221563::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Ke
 V-221564::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome'; ValueName = 'DefaultSearchProviderName'; ValueType = 'String';  ValueData = $null; OrganizationValueTestString = "{0} -eq 'an organization approved encrypted search provider'"}
 V-221565::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome'; ValueName = 'DefaultSearchProviderSearchURL'; ValueType = 'String';  ValueData = $null; OrganizationValueTestString = "{0} -eq 'an organization-approved encrypted search string'"}
 V-221588::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome'; ValueName = 'DownloadRestrictions'; ValueType = 'Dword';  ValueData = $null; OrganizationValueTestString = "{0} -eq '1|2'"}
-V-221596::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome'; ValueName = 'AutoplayAllowlist'; ValueType = 'MultiString';  ValueData = $null; OrganizationValueTestString = "{0} -eq 'a list of administrator-approved URLs"}
+V-221596::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoplayAllowlist'; ValueName = '1'; ValueType = 'String';  ValueData = $null; OrganizationValueTestString = "{0} -eq 'a list of administrator-approved URLs"}
 V-234701::*::HardCodedRule(RegistryRule)@{DscResource = 'RegistryPolicyFile'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome'; ValueName = 'SSLVersionMin'; ValueType = 'String';  ValueData = 'tls1.2'}
 V-245539::*::HardCodedRule(RegistryRule)@{DscResource = 'Registry'; Ensure = 'Absent'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome'; ValueName = 'CookiesSessionOnlyForUrls'}
-V-221572::*::HardCodedRule(RegistryRule)@{DscResource = 'Registry'; Ensure = 'Present'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlocklist'; ValueName = 'CookiesSessionOnlyForUrls'; ValueType = 'String'; ValueData = 'javascript://*'}
+V-221572::*::HardCodedRule(RegistryRule)@{DscResource = 'Registry'; Ensure = 'Present'; Key = 'HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlocklist'; ValueName = '1'; ValueType = 'String'; ValueData = 'javascript://*'}

source/StigData/Processed/Google-Chrome-2.7.org.default.xml

@@ -13,7 +13,7 @@
   <!-- Ensure 'V-221565' -eq 'an organization-approved encrypted search string'-->
   <OrganizationalSetting id="V-221565" ValueData="" />
   <!-- Ensure 'V-221588' -eq '1|2'-->
-  <OrganizationalSetting id="V-221588" ValueData="1" />
+  <OrganizationalSetting id="V-221588" ValueData="[*.]mil,[*.]gov" />
   <!-- Ensure 'V-221596' -eq 'a list of administrator-approved URLs-->
   <OrganizationalSetting id="V-221596" ValueData="" />
 </OrganizationalSettings>

source/StigData/Processed/Google-Chrome-2.7.xml

@@ -1,4 +1,4 @@
-<DISASTIG version="2" classification="UNCLASSIFIED" customname="" stigid="Google_Chrome_Current_Windows" description="This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]." filename="U_Google_Chrome_STIG_V2R7_Manual-xccdf.xml" releaseinfo="Release: 7 Benchmark Date: 27 Oct 2022 3.4.0.34222 1.10.0" title="Google Chrome Current Windows Security Technical Implementation Guide" notice="terms-of-use" source="STIG.DOD.MIL" fullversion="2.7" created="12/1/2022">
+<DISASTIG version="2" classification="UNCLASSIFIED" customname="" stigid="Google_Chrome_Current_Windows" description="This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]." filename="U_Google_Chrome_STIG_V2R7_Manual-xccdf.xml" releaseinfo="Release: 7 Benchmark Date: 27 Oct 2022 3.4.0.34222 1.10.0" title="Google Chrome Current Windows Security Technical Implementation Guide" notice="terms-of-use" source="STIG.DOD.MIL" fullversion="2.7" created="9/15/2023">
   <ManualRule dscresourcemodule="None">
     <Rule id="V-221584" severity="medium" conversionstatus="pass" title="SRG-APP-000456" dscresource="None">
       <Description>&lt;VulnDiscussion&gt;Google Chrome is being continually updated by the vendor in order to address identified security vulnerabilities. Running an older version of the browser can introduce security vulnerabilities to the system.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</Description>
@@ -283,7 +283,7 @@ Windows method:
 
 </RawString>
       <ValueData>javascript://*</ValueData>
-      <ValueName>CookiesSessionOnlyForUrls</ValueName>
+      <ValueName>1</ValueName>
       <ValueType>String</ValueType>
     </Rule>
     <Rule id="V-221573" severity="medium" conversionstatus="pass" title="SRG-APP-000047" dscresource="RegistryPolicyFile">
@@ -698,7 +698,7 @@ Windows method:
       <DuplicateOf />
       <Ensure>Present</Ensure>
       <IsNullOrEmpty>False</IsNullOrEmpty>
-      <Key>HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome</Key>
+      <Key>HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoplayAllowlist</Key>
       <LegacyId>V-81589</LegacyId>
       <OrganizationValueRequired>True</OrganizationValueRequired>
       <OrganizationValueTestString>{0} -eq 'a list of administrator-approved URLs</OrganizationValueTestString>
@@ -711,8 +711,8 @@ Windows method:
 2. Navigate to HKLM\Software\Policies\Google\Chrome\
 3. If the “AutoplayAllowlist” key may contain a list of administrator-approved URLs. This requirement is optional.</RawString>
       <ValueData />
-      <ValueName>AutoplayAllowlist</ValueName>
-      <ValueType>MultiString</ValueType>
+      <ValueName>1</ValueName>
+      <ValueType>String</ValueType>
     </Rule>
     <Rule id="V-221597" severity="medium" conversionstatus="pass" title="SRG-APP-000206" dscresource="RegistryPolicyFile">
       <Description>&lt;VulnDiscussion&gt;Enable URL-keyed anonymized data collection in Google Chrome and prevent users from changing this setting.

source/StigData/Processed/Google-Chrome-2.8.org.default.xml

@@ -13,7 +13,7 @@
   <!-- Ensure 'V-221565' -eq 'an organization-approved encrypted search string'-->
   <OrganizationalSetting id="V-221565" ValueData="" />
   <!-- Ensure 'V-221588' -eq '1|2'-->
-  <OrganizationalSetting id="V-221588" ValueData="1" />
+  <OrganizationalSetting id="V-221588" ValueData="[*.]mil,[*.]gov" />
   <!-- Ensure 'V-221596' -eq 'a list of administrator-approved URLs-->
   <OrganizationalSetting id="V-221596" ValueData="" />
 </OrganizationalSettings>

source/StigData/Processed/Google-Chrome-2.8.xml

@@ -1,4 +1,4 @@
-<DISASTIG version="2" classification="UNCLASSIFIED" customname="" stigid="Google_Chrome_Current_Windows" description="This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]." filename="U_Google_Chrome_STIG_V2R8_Manual-xccdf.xml" releaseinfo="Release: 8 Benchmark Date: 26 Jan 2023 3.4.0.34222 1.10.0" title="Google Chrome Current Windows Security Technical Implementation Guide" notice="terms-of-use" source="STIG.DOD.MIL" fullversion="2.8" created="2/10/2023">
+<DISASTIG version="2" classification="UNCLASSIFIED" customname="" stigid="Google_Chrome_Current_Windows" description="This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]." filename="U_Google_Chrome_STIG_V2R8_Manual-xccdf.xml" releaseinfo="Release: 8 Benchmark Date: 26 Jan 2023 3.4.0.34222 1.10.0" title="Google Chrome Current Windows Security Technical Implementation Guide" notice="terms-of-use" source="STIG.DOD.MIL" fullversion="2.8" created="9/15/2023">
   <ManualRule dscresourcemodule="None">
     <Rule id="V-221584" severity="medium" conversionstatus="pass" title="SRG-APP-000456" dscresource="None">
       <Description>&lt;VulnDiscussion&gt;Google Chrome is being continually updated by the vendor in order to address identified security vulnerabilities. Running an older version of the browser can introduce security vulnerabilities to the system.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</Description>
@@ -283,7 +283,7 @@ Windows method:
 
 </RawString>
       <ValueData>javascript://*</ValueData>
-      <ValueName>CookiesSessionOnlyForUrls</ValueName>
+      <ValueName>1</ValueName>
       <ValueType>String</ValueType>
     </Rule>
     <Rule id="V-221573" severity="medium" conversionstatus="pass" title="SRG-APP-000047" dscresource="RegistryPolicyFile">
@@ -698,7 +698,7 @@ Windows method:
       <DuplicateOf />
       <Ensure>Present</Ensure>
       <IsNullOrEmpty>False</IsNullOrEmpty>
-      <Key>HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome</Key>
+      <Key>HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\AutoplayAllowlist</Key>
       <LegacyId>V-81589</LegacyId>
       <OrganizationValueRequired>True</OrganizationValueRequired>
       <OrganizationValueTestString>{0} -eq 'a list of administrator-approved URLs</OrganizationValueTestString>
@@ -711,8 +711,8 @@ Windows method:
 2. Navigate to HKLM\Software\Policies\Google\Chrome\
 3. If the “AutoplayAllowlist” key may contain a list of administrator-approved URLs. This requirement is optional.</RawString>
       <ValueData />
-      <ValueName>AutoplayAllowlist</ValueName>
-      <ValueType>MultiString</ValueType>
+      <ValueName>1</ValueName>
+      <ValueType>String</ValueType>
     </Rule>
     <Rule id="V-221597" severity="medium" conversionstatus="pass" title="SRG-APP-000206" dscresource="RegistryPolicyFile">
       <Description>&lt;VulnDiscussion&gt;Enable URL-keyed anonymized data collection in Google Chrome and prevent users from changing this setting.