Check: DTBI800
Title
Allow scripting of Internet Explorer web browser control property is set (Internet Zone). (Cat II impact)
Discussion
This policy setting controls whether a page may control embedded WebBrowser Controls via script. If you do not configure this policy setting, script access to the WebBrowser Control can be enabled or disabled by the user. By default, script access to the WebBrowser control is only allowed in the Local Machine and Intranet Zones.
Check Content
The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page -> Internet Zone -> “Allow scripting of Internet Explorer web browser control” will be set to “Enabled” and “Disable”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 Criteria: If the value 1206 is REG_DWORD = 3, this is not a finding.
Fix Text
The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page -> Internet Zone -> “Allow scripting of Internet Explorer web browser control” will be set to “Enabled” and “Disable”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 Criteria: Set the value 1206 to REG_DWORD = 3.
Additional Identifiers
Rule ID:
Vulnerability ID: V-22152
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |