Title

Browser history must be saved. (Cat II impact)

Discussion

This policy disables saving browser history in Google Chrome and prevents users from changing this setting. If this setting is enabled, browsing history is not saved. If this setting is disabled or not set, browsing history is saved.

Check Content

Universal method: 1. In the omnibox (address bar) type chrome://policy 2. If the policy 'SavingBrowserHistoryDisabled' is not shown or is not set to false, then this is a finding. Windows method: 1. Start regedit 2. Navigate to HKLM\Software\Policies\Google\Chrome\ 3. If the SavingBrowserHistoryDisabled value name does not exist or its value data is not set to 0, then this is a finding.

Fix Text

Windows group policy: 1. Open the group policy editor tool with gpedit.msc 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\ Policy Name: Disable saving browser history Policy State: Disabled Policy Value: N/A

Additional Identifiers

Rule ID: SV-221581r879642_rule

Vulnerability ID: V-221581

Group Title: SRG-APP-000231

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.