Title

The IE save encrypted pages to disk parameter is not set correctly. (Cat II impact)

Discussion

This parameter ensures pages using SSL or TLS are not cached to the local drive. This ensures sensitive data from a web site does not remain on the machine that is not properly protected.

Check Content

Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings Criteria: If the value DisableCachingOfSSLPages is 1, this is not a finding. If the Do not save encrypted pages to disk is 0 enabled and the permissions of the Temporary Internet files folder are not the same as, or more restrictive than, those in the following table, this is a Finding. variable\Temporary Internet Files(The variable portion of the path name depends on the configuration setting in Internet Explorer.) Administrators ALL CREATOR OWNER ALL SYSTEM ALL [user] ALL

Fix Text

Change the value of registry key HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings to DisableCachingOfSSLPages is 1

Additional Identifiers

Rule ID: SV-6287r1_rule

Vulnerability ID: V-6237

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.