Navigate

Check: DTBI122

Microsoft IE Version 7: DTBI122 (in version v4 r20)

Title

Access data sources across domains restricted sites zones are not disabled. (Cat II impact)

Discussion

This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO). If you enable this policy setting, users can load a page in the zone that uses MSXML or ADO to access data from another site in the zone. If you select Prompt in the drop-down box, users are queried to choose whether to allow a page to be loaded in the zone that uses MSXML or ADO to access data from another site in the zone. If you disable this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone. If you do not configure this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone.

Check Content

The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page -> Restricted Sites Zone -> "Access data sources across domains" will be set to “Enabled” and "Disable" selected from down drop box. Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 Criteria: If the value 1406 is REG_DWORD = 3, this is not a finding.

Fix Text

Additional Identifiers

Rule ID: SV-16430r1_rule

Vulnerability ID: V-6297

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
No CCIs are assigned to this check

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
No controls are assigned to this check