Check: DTBI133
Microsoft IE Version 7:
DTBI133
(in version v4 r20)
Title
Allow active scripting is not disabled. (Cat II impact)
Discussion
Active Scripting must have level of protection based upon the site being accessed.
Check Content
The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page -> Restricted Sites Zone -> "Allow active scripting" will be set to “Enabled” and "Disable" selected from down drop box. Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 Criteria: If the value 1400 is REG_DWORD = 3, this is not a finding.
Fix Text
The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page -> Restricted Sites Zone -> "Allow active scripting" will be set to “Enabled” and "Disable" selected from down drop box. Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 Criteria: Set the value 1400 to REG_DWORD = 3.
Additional Identifiers
Rule ID: SV-16461r1_rule
Vulnerability ID: V-6308
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |