Check: DTBI061
Title
The Java Permissions is not set properly for the Local Zone. (Cat II impact)
Discussion
Java must have a level of protection based upon the site being browsed.
Check Content
The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page -> Intranet Zone -> “Java permissions” will be set to “Enabled” and “High Safety”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 Criteria: If the value 1C00 is REG_DWORD = 65536, (High Safety), this is not a finding.
Fix Text
The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page -> Intranet Zone -> “Java permissions” will be set to “Enabled” and “High Safety”. Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 Criteria: Set the value 1C00 to REG_DWORD = 65536, (High Safety).
Additional Identifiers
Rule ID:
Vulnerability ID: V-6267
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |